2FA-Recovering your KYC Google Auth Keys. - page 2.

DdmrDdmr

legendary

Activity: 2338

Merit: 10802

There are lies, damned lies and statistics. MTwain

Quote from: condoras on August 26, 2020, 06:13:58 AM

<…> I believe that Cadaver is aware of it. <…>

Aware and complacent with those/his 2FA code showing (+ 2 email addresses tied to them)?
If they are his, I don’t get why it’s taking so long to take them down (i.e. erase the original image). If on the other hand they are dummy codes, generated to exemplify, then perhaps a note would help to avoid assuming they are his codes being self-leaked and propagated.

Quote

I know but then the thread will be bigger and (I guess) harder to read it...

Not really. If the images are not massive in size, and they are meaningful to describe the procedure, I doubt anyone will complain (besides the quality thingy).

condoras

legendary

Activity: 3038

Merit: 1104

This is what I do. I drink and I know things.

Quote from: bob123 on August 26, 2020, 06:23:03 AM

Starting with what kind of mobile you own, would help.
Or searching for "screenshot + [your mobile]" on the internet will yield results, taking less than a minute.

Ok man, I will. Cool

For the moment I use a semi-broken screen Xiaomi M1, until my new phone arrives.

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: ?? on ??

I don't have keys for all records

Shouldn't the "export account" function, when exporting only a single 2fa, show the secret of the chosen 2fa ?
Not having a backup is just as bad as not having a backup of passwords etc. If a 2FA is mandatory, you won't gain any access without it resulting in trouble.

It is recommended to always have a backup of 2FA seeds, just as you would with a mnemonic code.

condoras

legendary

Activity: 3038

Merit: 1104

This is what I do. I drink and I know things.

Quote from: ?? on ??

Any way to make the transfer of all readings from Google Auth to Aegis through QR codes? I have tried but Aegis failed to read QR generated by Google Auth so I have been forced to transfer data manually, one-by-one, but the problem is 1) I don't have keys for all records 2) it's a time consuming procedure.

I'm almost certain that you can't put a code generated from Google Auth to any other Auth app and I guess the opposite is not possible either.
As for problem #1 you can disable 2FA from the site that you don't have the keys using Google app and then reenable it (thus new QR code) and scan it with Aegis app.
Problem #2 is something unsolved, for now... Grin

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: condoras on August 26, 2020, 06:13:58 AM

Until I find a way though how to take screenshots with my new phone, these pics will be there.

Starting with what kind of mobile you own, would help.
Or searching for "screenshot + [your mobile]" on the internet will yield results, taking less than a minute.

condoras

legendary

Activity: 3038

Merit: 1104

This is what I do. I drink and I know things.

Quote from: DdmrDdmr on August 26, 2020, 04:57:39 AM

You should both delete or change the last image link immediately (and the image itself from the hosting platform), if it the barcode is genuinely yours, and not a test run. I tried importing it with Google Authentifier, and It give access to sensitive information (~~which I will now delete~~-> deleted). Bear in mind that, if it is your information that is showing (@Cadaver20), it's already compromised.

I believe that Cadaver is aware of it. Undecided

Quote from: DdmrDdmr on August 26, 2020, 04:57:39 AM

By the way, you can make the images visible in the OP, instead of leaving just the link.

I know but then the thread will be bigger and (I guess) harder to read it...

Quote from: bob123 on August 26, 2020, 05:43:19 AM

And when you are at it, delete all the images and do it again. This time using screenshots.
Photos taken of a screen with a camera are.. let's say outdated.

Please use screenshots. It hurts my eyes to look at camera photos of screens.

Haha, you are totally right! Cheesy

Until I find a way though how to take screenshots with my new phone, these pics will be there. Not to mention that I'm not the fastest/ better screenshooter here... Grin

Unless a good samaritan appears, do the procedure and offer his screenshots. I will be more than happy to add them to OP.

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: DdmrDdmr on August 26, 2020, 04:57:39 AM

By the way, you can make the images visible in the OP, instead of leaving just the link.

And when you are at it, delete all the images and do it again. This time using screenshots.
Photos taken of a screen with a camera are.. let's say outdated.

Please use screenshots. It hurts my eyes to look at camera photos of screens.

DdmrDdmr

legendary

Activity: 2338

Merit: 10802

There are lies, damned lies and statistics. MTwain

Quote from: condoras on August 25, 2020, 06:16:37 AM

<...>

Quote from: Cadaver20 on August 25, 2020, 10:39:55 AM

<...>

You should both delete or change the last image link immediately (and the image itself from the hosting platform), if it the barcode is genuinely yours, and not a test run. I tried importing it with Google Authentifier, and It give access to sensitive information (~~which I will now delete~~-> deleted). Bear in mind that, if it is your information that is showing (@Cadaver20), it's already compromised.

By the way, you can make the images visible in the OP, instead of leaving just the link.

condoras

legendary

Activity: 3038

Merit: 1104

This is what I do. I drink and I know things.

Quote from: Cadaver20 on August 25, 2020, 11:58:37 AM

Quote from: condoras on August 25, 2020, 11:09:48 AM

I will edit my OP and add them there if you don't mind...

Ok. You can do it.

Just edit the OP with the pics, thank you again. Cool

Quote from: Heisenberg_Hunter on August 26, 2020, 01:13:29 AM

If we don't want our funds to be lost, we should be storing them in a offline cold storage/hardware wallet.

Indeed the only way to have peace of mind.

Quote from: tranthidung on August 26, 2020, 01:18:36 AM

Smart phones or mobile devices are created for convenience, entertainments, and so on. For serious stuffs, do it on your desktops or laptops.

Well, can someone say that it is very convenient to trade on the beach, drinking pina colada and smoking weed but I totally agree that if you want to do serious jobs, you need desctops/ laptops. That's why I dought that a serious business like exchangers will use a mobile. Unfortunately, scams and "hacks" will always be around...

tranthidung

legendary

Activity: 2310

Merit: 4085

Farewell o_e_l_e_o

Quote from: Heisenberg_Hunter on August 26, 2020, 01:13:29 AM

There are people who store huge sums of bitcoin in Binance and other large exchanges for trading actively but the problem is that managing crypto exchanges through a smartphones is highly risky and this is what I have pointed out in my above post. I have also seen people in this forum who still don't own a computer and manage everything through their mobile alone. Cheesy

Binance or any other exchanges, the matter is exchanges come and go, grown big and degrade small or disappear (shut down, scam exit, takeover, etc.). Another minus point is use one or two exchanges to store all capital is terrible approach. Exchanges can be hacked and who knows will they do compensations for customers. Exchange owners can do scam exits. Governments can shutdown exchanges. Many things you can not control for your capital that is stored on exchanges. It has not yet taken into consideration that most of exchanges are centralized.

Quote

Though smartphones has become really handy nowadays and many of the global population still aren't owning a computer, managing our personal data through smartphones is literally a very bad idea.

Smart phones or mobile devices are created for convenience, entertainments, and so on. For serious stuffs, do it on your desktops or laptops.

Heisenberg_Hunter

legendary

Activity: 1584

Merit: 1280

Heisenberg Design Services

Quote from: condoras on August 25, 2020, 11:23:18 AM

Personally, I never have large amounts of BTC nowhere except my wallet. And as far as I know, doesn't need 2FA Auth...
It will be difficult to believe that companies who manage large sums will use mobile to do it.

There are people who store huge sums of bitcoin in Binance and other large exchanges for trading actively but the problem is that managing crypto exchanges through a smartphones is highly risky and this is what I have pointed out in my above post. I have also seen people in this forum who still don't own a computer and manage everything through their mobile alone. Cheesy

Though smartphones has become really handy nowadays and many of the global population still aren't owning a computer, managing our personal data through smartphones is literally a very bad idea. Not sure how people are managing them without losing it? Many of us would be aware of the recent Cashaa hack where 336 btc was stolen when they were controlling such kind of huge funds through a web wallet. Roll Eyes

If we don't want our funds to be lost, we should be storing them in a offline cold storage/hardware wallet.

Cadaver20

sr. member

Activity: 1582

Merit: 264

Next Generation Web3 Casino

Quote from: condoras on August 25, 2020, 11:09:48 AM

I will edit my OP and add them there if you don't mind...

Ok. You can do it.

condoras

legendary

Activity: 3038

Merit: 1104

This is what I do. I drink and I know things.

Quote from: Heisenberg_Hunter on August 25, 2020, 11:00:34 AM

Though Google 2FA is open source I would go either with Authy or LastPass.

I try Authy but it was a bit difficult to follow up with it. You know, some app's "works" for me but not for others and the opposite. Authy didn't work for me. Undecided

Quote from: Heisenberg_Hunter on August 25, 2020, 11:00:34 AM

Managing some literally large bitcoin funds through mobile is quite risky and I wouldn't really trust either an exchange or an authenticator app with that.

Personally, I never have large amounts of BTC nowhere except my wallet. And as far as I know, doesn't need 2FA Auth...
It will be difficult to believe that companies who manage large sums will use mobile to do it.

condoras

legendary

Activity: 3038

Merit: 1104

This is what I do. I drink and I know things.

Quote from: Cadaver20 on August 25, 2020, 10:39:55 AM

I want to clear you about method 1.
Step 1:
Download Google authenticator app, open the app in your new device.

Step 2: Open the app in your old device and go to the "Menu"(at the top right of the app).

Step 3:
Select "Transfer accounts".
https://ibb.co/BNsDmhK

Step 4:
Select "export accounts" in your old device.
https://ibb.co/VpbJvGN

Step 5:
Then scan the QR with your new device.
https://ibb.co/t80zjN8

Yeap, that's it. Great man, thank's for the help! Wink

I will edit my OP and add them there if you don't mind...

Heisenberg_Hunter

legendary

Activity: 1584

Merit: 1280

Heisenberg Design Services

Though Google 2FA is open source I would go either with Authy or LastPass. The latter one has a pretty good one tap push login options and the they have got some not bad reviews in playstore as well. While having 2FA is secure but they can be as bad as losing our funds if they aren't properly backed up as tranthidung said.

Managing some literally large bitcoin funds through mobile is quite risky and I wouldn't really trust either an exchange or an authenticator app with that.

Cadaver20

sr. member

Activity: 1582

Merit: 264

Next Generation Web3 Casino

Quote from: Dragonfund on August 25, 2020, 06:28:40 AM

Good, that you found out something incredible from your mistake but wouldn't it better and simpler if you add images to your procedures in method 1 and 2.
Thanks.

I want to clear you about method 1.
Step 1:
Download Google authenticator app, open the app in your new device.

Step 2: Open the app in your old device and go to the "Menu"(at the top right of the app).

Step 3:
Select "Transfer accounts".
https://ibb.co/BNsDmhK

Step 4:
Select "export accounts" in your old device.
https://ibb.co/VpbJvGN

Step 5:
Then scan the QR with your new device.
https://ibb.co/t80zjN8

yazher

hero member

Activity: 2268

Merit: 588

You own the pen

Quote from: witcher_sense on August 25, 2020, 06:35:23 AM

Great guide, but I prefer using Aegis authentification app in which it is possible to encrypt your vault and make an encrypted back up on completely offline storage. Even if I lose my smartphone, I can easily transfer the data to a new one and, more importantly, no one can access my vault on lost device because it is protected with password.

No KYC, no google, no problems.

Hey! I never thought there are some other Authentication apps you can use other than Google authenticator.
I've been thinking sometimes what if I lose or damage my phone and all of my important data are supported by Google authenticator. From FB to exchange wallet. How do I supposed to recover it? Now that I found this one, I'll gotta try it. Thanks for sharing it with us.

condoras

legendary

Activity: 3038

Merit: 1104

This is what I do. I drink and I know things.

Quote from: ranochigo on August 25, 2020, 07:43:03 AM

~snip~

Quote from: tranthidung on August 25, 2020, 08:02:24 AM

~snip~

I agree with both of you in almost everything. Sure the best/ safest way is to be prepared to save the recovery keys from the time that you enable 2FA in any site and with any app.
In the case though that you don't because you forgot it or miss it, there is a way (two actually) not to "panic". Grin

tranthidung

legendary

Activity: 2310

Merit: 4085

Farewell o_e_l_e_o

I don't put my account and my destiny on export process. I'd like to back up my codes (before 2FA activation and test it immediately by typing codes manually to activate my 2FA). If my 2FA code's back up is correct, no typo, the 2FA activation will be done smoothly.

In case if 2FA activation is failed because of incorrect code. There are two reasons:

I enter 6 digit codes incorrectly
I write down 2FA secret code incorrectly so I have to go backwards and repeat those steps again.

By doing this, I simultaneously backup 2FA secret code and test the backup's validity immediately with 2FA activation.

When I was a newbie, I simply scanned QR code and 2FA activation was done like that. I don't back up or if I backup I don't test backup's validity.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Google Auth is quite a pain in the ass to retrieve if something happens to your phone but it's a decent way to ensure security.

It's always a good idea to make a backup. When you set up your 2FA, the website/program will usually ask you to copy down a string of alphanumeric letters as a backup. You can easily import that if you need.

If you don't mind sacrificing a little security, try Authy. I'm not sure how their security fare against other services but you can recover your 2FA keys using your phone number. This is kind of risky though; SIM Jacking is quite common and you'll have to take care to use a more secure email to prevent them from resetting your Authy account. But even with that, the backups are secured with a password still.

Topic: 2FA-Recovering your KYC Google Auth Keys. - page 2. (Read 546 times)