Topic: Lost my 2FA Google Authenticator Code - CEX.io (Read 336 times)

Having some message OTP verification is not by any chance the solution in this kind of situation, the OP will still need the 2FA code before he can access his account and his ID document will still be needed if he wants to rectify the 2FA.
With that been said, is better for the OP to write down the backup code on paper and keep it safe or make use of Aegis which some outstanding features instead auth or google authen.
@up136191857, an exchange like Binance give fast response and solution to issue like this.

Good thing to hear up some updates from you op, this is why its really always better to set out aside from google auth 2fa on having also some message otp verification in case on having these kind of possible
problems in the future.

Since this issue had been already resolve then better lock off this thread to prevent further replies.

UPDATE:

I tried to log in today and they disabled the 2FA and I was successfully logged in.

Thank you guys for participating in this topic, your replies were nothing but helpful.

I really appreciate everyone, let's hope this topic/thread serves as a solution for anyone.

Cheers 

I did sent the user ID but still nothing.

In their support system they pretend that answer could take up to 10 days but in my case it’s been more than 3 weeks.

Still nothing

Have you PMed @CEX, someone ever 20 days no response yet, but almost of them got reseted  [1], [2], [3], [4], just make sure you explain the detail and send user ID, ticket number to him.

2 weeks gone by. Still nothing.

OP, I try to push them through Twitter. I hope we will get some reaction when this is more public.
I am still surprised by their slow response in this case.


I chose SMS as extra authentication protection here, just because of a possible complicated situation like this. In the meantime, I broke my phone a few time, so there would be a lot of problems even if I think I’m not using CEX only with 2FA.

CEX is not only the exchange with bad support and most of them are saving on stuff, but we should take more care about 2FA backups.
There is also free open source software for windows called WinAuth we can use for this in combination with mobile apps like Aegis.

I have already sent them my personal information (ID, Address). Still nothing.

They will definitely ask a full copy of personal documents before processing your request. Cex.io has been a well-known crypto exchange for Ukraine-based crypto companies but they have slow support after the increasing popularity of crypto investment. No worries, the support team will reset the 2FA even if you have no access to the lost phone number/email/authentication app.

I also didn't know about the recovery process but not going to change the default 2FA app to another one. Authy has done an amazing job after losing access to the old Google Authenticator app which contained more than 30 private 2fa keys to online accounts. I am ready to share documents if the Authy team asks this for security reasons and proving identity by asking few questions.

Damn I really used to think Authy is a goat of a 2FA app, especially after finding out how bad GA was after I lost one of the 2FA keys. Welp, I am wrong as it seems.

Btw, this aegis, I have never heard about it up until now. I looked it up right now and the reviews seem great thus far. I will check it out, thanks!

---

Dude you should make a thread of all useful/privacy friendly crypto-services cause I assure you dumbasses like me don't know a lot about it.

Hello guys,

I just wanted to update the thread about my issue. Still haven't heard back from CEX it has been more than 9 days since I contacted the support and no answer till now.

Definitely they do have poor support system. It makes no sense at all.

Waiting...

I was reading from here: https://www.twilio.com/legal/privacy/authy

Emphasis mine. More worrying that just for account recovery, they may also lock you out of your 2FA account (and therefore all of your online accounts which use 2FA) and demand KYC "from time to time". How reassuring.

They track your activity across all your accounts, linking that to your email address, phone number, and IP addresses...

...and they share it with third parties.

I don't understand the benefit of this service. It is the equivalent of a web wallet for 2FA: You are letting someone else handle all your codes, have the power to lock you out of your accounts, and invade your privacy, all for something you can do yourself easily, freely, securely, and privately.

o_e_l_e_o, AFAIK authy do not do that.

Authy doesn't request location access neither email address. The only thing authy gets is the phone number.

I never even heard about they requesting KYC documents.

I look at their help page (https://support.authy.com/hc/en-us#) and the word KYC or Documents is not even mentioned anywhere.... where did you see that they require  KYC?

If that's true, I would maybe shift over to another software. But I use authy for years and never had any similar problem..


Edit:
I found:
https://support.authy.com/hc/en-us/articles/360012304633-Authy-Phone-Change-and-Account-Recovery-Photo-ID-FAQs

Terrible for authy... this KYC makes no sense at all...

This article might help you ]Cex.io two factor authentication 2fa trouble shooting

Give some tries to solve your own problem while waiting for their response since support take time to answer maybe due to some load of works given to them so better spare some extra time to do it for yourself.

Thank you to you all for your readiness to help me. I never thought that here I could find a lot of people that will actually try to help you.

Update: I received a reply from CEX account here telling me that I have to wait for my queue since there are a lot of requests especially during these times since everybody is into it.

I still cannot access the account but I hope my turn will come soon.

I will update the thread often so I anyone how will have the same issue as me, should definitely find this helpful.

For sure this topic has convinced me to be more active on the forum and spread my knowledge here.

If they're still using standard TOTP, any compatible app should work.

An even better option is to use a 2FA app such as Aegis, which allows you to export an encrypted database of all your shared secrets, which you could store on an offline medium such as a USB drive. Then, if you lose your phone and you need to recover your 2FA codes, it's as easy as downloading the app on your new phone and importing the back up.

I absolutely wouldn't recommend Authy. It is closed source. Your 2FA codes are stored in their servers. They collect a lot of information about you, including device information, email address, phone number, IP address, location, log in history, and more. If you lose access to your account, they require full KYC with copies of your ID to recover your account. This is an unnecessary security and privacy risk, for something you can do safely yourself as described above.

I agree with you, Authy is much better than GA, he is connected to your account, not the device. I use SMS as 2FA on Cex.io, because do not want to have risk if I lose or broke my phone device.
But do you know that Coinbase after 31.03 will no longer support Authy? They suggest to all users to move on GA
Sorry OP, now we are going to offtopic

You can register 2 devices of yours. For example 1 smartphone and 1 notebook (as a back up). You will have all your 2FA codes in both devices, and you will disallow that someone add another device. For example, if a hacker steals your password, he won't be able to access any of your 2FA codes as he can't add another device without your permition from an allowed device.

This is the difference between GA and Authy: You have the security that a hacker cannot add another device even if he steals your password, and you are still able to access your accounts if you lost one device.

If you lose your phone, just buy a new one and add that new phone from your allowed device.

Much better than GA.


Storing your passwords and private keys of 2FA codes in a file on a notebook is very dangerous (and those private keys are mostly very big and impossible to write down in a paper). This file contains sensitive information that a hacker can access without major difficulties and steal money that may exist on exchanges or other services where the user keeps cryptocurrencies.

Authy is a software created by cybersecurity professionals that know what they are doing. What you are suggesting is the same as storing bitcoin private keys in file in your notebook... This may work for a while, but you might (and probably will) get hacked one day.

Unless you are a security specialist, I would advice everyone to work with the appropriate software.