Pages:
Author

Topic: Is one method of 2FA safer than another? (Read 1943 times)

hero member
Activity: 658
Merit: 500
October 29, 2014, 08:29:08 AM
#23
The safest one is by SMS, but it's not the best if you worry about privacy and doesn't want to give your phone number to strangers.
sr. member
Activity: 266
Merit: 250
October 29, 2014, 08:25:57 AM
#22
The safest form of 2FA is probably using text messages to your phone. Email can get hacked, but your mobile phone is always with you (well, except it gets stolen, then you have bigger problems to worry about).
full member
Activity: 154
Merit: 100
October 29, 2014, 07:35:30 AM
#21
For me the best way is the Google authenticator app, its really more safe.
legendary
Activity: 1512
Merit: 1011
October 14, 2014, 08:28:42 AM
#20
anyone knows which one use for google 2FA?
android phone or google mail that used in android?
i changed my OS/ROM for my android phone, and didn't see my site lists which use google 2FA Sad
ccan i recover it using my gmail that i used before in my android phone?
hero member
Activity: 797
Merit: 500
BBOD fast, non-custodial & transparent Exchange
October 13, 2014, 11:11:48 AM
#19
authy is best app for 2fa ..Recently a pc version has also been introduced..check the official website
legendary
Activity: 1918
Merit: 1018
October 13, 2014, 06:33:50 AM
#18
Complicated username that you don't use for other websites
Kind of complicated password that you don't use for other websites
Google F2A
Virus protected computer
hero member
Activity: 882
Merit: 1000
October 13, 2014, 06:30:38 AM
#17
Best method to keep your BTC safe, in my opinion, is to keep it in cold storage.

True, but 2FA isn't limited to only bitcoin storage. It is applicable to online banking, email, dropbox and in the future your bitcointalk account. Smiley
sr. member
Activity: 366
Merit: 250
October 13, 2014, 06:30:16 AM
#16
Is it better to receive a code via text?

Or is it safer to receive said code via the Google authenticator app?

Am I correct in believing that an email would be the least secure of the three?

Thanks.

I personally think a text is the most secure and an email is the least. Your email can easily be hacked into, whereas your phone number is pretty safe.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
October 13, 2014, 01:31:38 AM
#15
Best method to keep your BTC safe, in my opinion, is to keep it in cold storage.

Only leave enough online for buying coffee and lunch.

Keep seperate paper wallets, with small amounts, you can sweep, when you need more in your online wallets.

In my view distribution of coins in many wallets, decrease the risk of losing them all in one hack. ^Smile^
full member
Activity: 208
Merit: 100
October 12, 2014, 06:13:10 PM
#14
Just realised that authy has a desktop app...
hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
October 12, 2014, 11:55:24 AM
#13
One thing not yet mentioned in this thread is the difference between per-transaction 2FA and logon-only 2FA.

Logon-only 2FA (such as supported by Blockchain.info) helps protect against password brute-forcing attacks. Unfortunately, it does practically nothing to help protect against malware.

Per-transaction 2FA (such as supported by GreenAddress.it and BitGo.com) means that each transaction that sends bitcoin out of your wallet must use a new 2FA code. This type of 2FA offers very effective protection against malware (although it's not necessarily perfect).

You should keep all this in mind when weighing your wallet options.
sr. member
Activity: 252
Merit: 250
Skoupi the Great
October 12, 2014, 11:53:17 AM
#12
I use authy on my phone, it is quite safe and so far extremely safe! Check it out: https://www.authy.com/
I use Authy also but may have found a glitch. I have 2 phone both with btc wallets and both with authy as 2fa, if you enter the code from 1 phone into the other that your opening your wallet on most times it works, try it.

That is how is supposed to work since authy gives yout the option for multiple devices.
newbie
Activity: 38
Merit: 0
October 12, 2014, 10:31:35 AM
#11
Thanks for all your input guys.

Appreciate it.

I guess I'll stick with the SMS authorization.
hero member
Activity: 644
Merit: 500
October 12, 2014, 09:01:45 AM
#10
I also recommend Authy to use, seems pretty safe and easy to use.
hero member
Activity: 568
Merit: 500
Smoke weed everyday!
October 12, 2014, 08:29:56 AM
#9
Is it better to use to receive a code via text?

Or is it safer to receive said code via the Google authenticator app?

And I'm I correct in believing that an email would be the least secure of the three?

Thanks.

I use the text option where it is available and Google authenticator where the text doesn't work, I think the text option is the safest, but when it comes to hacking anything can be hacked but I still believe hacking someone's phone to steal a code would be really difficult. And yes, email would be the least secure option.
This is correct. Text messages are probably the most secure way of 2FA as it will take very advanced technology to be able to intercept a SMS message to a phone and when you use this technology you would likely be committing very serious crimes, much more serious then simply stealing someone's account or bitcoin.

Authy is not open source and is essentially controlled by google. It will essentially be as secure as your google account.

You are correct to say that email is probably the least secure method of 2FA, however a company can potentially strengthen it by requiring email 2FA + some security question
legendary
Activity: 1638
Merit: 1010
https://www.bitcoin.com/
October 12, 2014, 08:09:34 AM
#8
I use authy on my phone, it is quite safe and so far extremely safe! Check it out: https://www.authy.com/
I use Authy also but may have found a glitch. I have 2 phone both with btc wallets and both with authy as 2fa, if you enter the code from 1 phone into the other that your opening your wallet on most times it works, try it.
hero member
Activity: 672
Merit: 508
LOTEO
October 12, 2014, 08:05:29 AM
#7
Yes, not all 2FA methods offer the same security. The idea is to harden security, it's more difficult than only one identification method but by no means uncrackable.
hero member
Activity: 619
Merit: 500
October 12, 2014, 08:02:41 AM
#6
I agree with you that email 2FA is the worst for 2 reasons.
1. If you have a malware on your pc, it is likely all your accounts including your email will get hacked.
2. You will need to be very careful separating real 2FA emails and phishing emails.

Other than email, the others are all good IMO. Smiley
member
Activity: 112
Merit: 10
October 11, 2014, 01:10:06 PM
#5
I don't think authy is safe as it keeps your data online. Route for either Google Authenticator or sms. Even Google Authenticator is unsafe because it stores data on the phone so try to use spare phone that will never go online and keep the phone in a secure place.
sr. member
Activity: 252
Merit: 250
Skoupi the Great
October 11, 2014, 11:58:16 AM
#4
The nice thing about text is even if phone is lost you are able get a new phone and receive it.

This is possible with authy to. It has a cloud based (encrypted ofc) back up option.
Pages:
Jump to: