Topic: Is one method of 2FA safer than another? (Read 1913 times)
The safest one is by SMS, but it's not the best if you worry about privacy and doesn't want to give your phone number to strangers.
The safest form of 2FA is probably using text messages to your phone. Email can get hacked, but your mobile phone is always with you (well, except it gets stolen, then you have bigger problems to worry about).
For me the best way is the Google authenticator app, its really more safe.
anyone knows which one use for google 2FA?
android phone or google mail that used in android?
i changed my OS/ROM for my android phone, and didn't see my site lists which use google 2FA
ccan i recover it using my gmail that i used before in my android phone?
android phone or google mail that used in android?
i changed my OS/ROM for my android phone, and didn't see my site lists which use google 2FA
ccan i recover it using my gmail that i used before in my android phone?
authy is best app for 2fa ..Recently a pc version has also been introduced..check the official website
Complicated username that you don't use for other websites
Kind of complicated password that you don't use for other websites
Google F2A
Virus protected computer
Kind of complicated password that you don't use for other websites
Google F2A
Virus protected computer
Best method to keep your BTC safe, in my opinion, is to keep it in cold storage.
True, but 2FA isn't limited to only bitcoin storage. It is applicable to online banking, email, dropbox and in the future your bitcointalk account.
Is it better to receive a code via text?
Or is it safer to receive said code via the Google authenticator app?
Am I correct in believing that an email would be the least secure of the three?
Thanks.
Or is it safer to receive said code via the Google authenticator app?
Am I correct in believing that an email would be the least secure of the three?
Thanks.
I personally think a text is the most secure and an email is the least. Your email can easily be hacked into, whereas your phone number is pretty safe.
Best method to keep your BTC safe, in my opinion, is to keep it in cold storage.
Only leave enough online for buying coffee and lunch.
Keep seperate paper wallets, with small amounts, you can sweep, when you need more in your online wallets.
In my view distribution of coins in many wallets, decrease the risk of losing them all in one hack. ^Smile^
Only leave enough online for buying coffee and lunch.
Keep seperate paper wallets, with small amounts, you can sweep, when you need more in your online wallets.
In my view distribution of coins in many wallets, decrease the risk of losing them all in one hack. ^Smile^
Just realised that authy has a desktop app...
One thing not yet mentioned in this thread is the difference between per-transaction 2FA and logon-only 2FA.
Logon-only 2FA (such as supported by Blockchain.info) helps protect against password brute-forcing attacks. Unfortunately, it does practically nothing to help protect against malware.
Per-transaction 2FA (such as supported by GreenAddress.it and BitGo.com) means that each transaction that sends bitcoin out of your wallet must use a new 2FA code. This type of 2FA offers very effective protection against malware (although it's not necessarily perfect).
You should keep all this in mind when weighing your wallet options.
Logon-only 2FA (such as supported by Blockchain.info) helps protect against password brute-forcing attacks. Unfortunately, it does practically nothing to help protect against malware.
Per-transaction 2FA (such as supported by GreenAddress.it and BitGo.com) means that each transaction that sends bitcoin out of your wallet must use a new 2FA code. This type of 2FA offers very effective protection against malware (although it's not necessarily perfect).
You should keep all this in mind when weighing your wallet options.
I use authy on my phone, it is quite safe and so far extremely safe! Check it out: https://www.authy.com/
I use Authy also but may have found a glitch. I have 2 phone both with btc wallets and both with authy as 2fa, if you enter the code from 1 phone into the other that your opening your wallet on most times it works, try it.That is how is supposed to work since authy gives yout the option for multiple devices.
Thanks for all your input guys.
Appreciate it.
I guess I'll stick with the SMS authorization.
Appreciate it.
I guess I'll stick with the SMS authorization.
I also recommend Authy to use, seems pretty safe and easy to use.
Is it better to use to receive a code via text?
Or is it safer to receive said code via the Google authenticator app?
And I'm I correct in believing that an email would be the least secure of the three?
Thanks.
Or is it safer to receive said code via the Google authenticator app?
And I'm I correct in believing that an email would be the least secure of the three?
Thanks.
I use the text option where it is available and Google authenticator where the text doesn't work, I think the text option is the safest, but when it comes to hacking anything can be hacked but I still believe hacking someone's phone to steal a code would be really difficult. And yes, email would be the least secure option.
Authy is not open source and is essentially controlled by google. It will essentially be as secure as your google account.
You are correct to say that email is probably the least secure method of 2FA, however a company can potentially strengthen it by requiring email 2FA + some security question
I use authy on my phone, it is quite safe and so far extremely safe! Check it out: https://www.authy.com/
I use Authy also but may have found a glitch. I have 2 phone both with btc wallets and both with authy as 2fa, if you enter the code from 1 phone into the other that your opening your wallet on most times it works, try it. 
Yes, not all 2FA methods offer the same security. The idea is to harden security, it's more difficult than only one identification method but by no means uncrackable.
I agree with you that email 2FA is the worst for 2 reasons.
1. If you have a malware on your pc, it is likely all your accounts including your email will get hacked.
2. You will need to be very careful separating real 2FA emails and phishing emails.
Other than email, the others are all good IMO.
1. If you have a malware on your pc, it is likely all your accounts including your email will get hacked.
2. You will need to be very careful separating real 2FA emails and phishing emails.
Other than email, the others are all good IMO.
I don't think authy is safe as it keeps your data online. Route for either Google Authenticator or sms. Even Google Authenticator is unsafe because it stores data on the phone so try to use spare phone that will never go online and keep the phone in a secure place.
The nice thing about text is even if phone is lost you are able get a new phone and receive it.
This is possible with authy to. It has a cloud based (encrypted ofc) back up option.
Jump to: