Pages:
Author

Topic: Recommended Google Authicator for Exchange Market account (Read 283 times)

full member
Activity: 496
Merit: 142
Hire Bitcointalk Camp. Manager @ r7promotions.com
sr. member
Activity: 1372
Merit: 348
You literally listed the least recommended 2 factor authenticators anyone should use out there  Cheesy

The fact that your backup is stored in the cloud and the apps are not open source should be enough to keep you away from those apps when it comes to security of your accounts.

Funny thing is he recommended Google Authenticator not the common term two-factor authenticator.  Btw, while looking for additional authenticator, I happen to stumble on YubiKey authenticator, anyone had tried this one?  I read this one is a physical key

Call it the odd one out, but YubiKey by Yubico is the gold standard for two-factor authentication.

This is a physical key providing the ultimate security. Still, you can also use it with the YubiKey authenticator application if a specific platform doesn’t support hardware authentication.

There is also this  Duo Mobile for android devices and there is also this 2FAS

full member
Activity: 1489
Merit: 150
Twilio Authy Authenticator

  • Its recommended authicator for securing your exchange account because when mobile phone is damaged and accidentally uninstall this application you can recovery back up trough log in with another mobile phone or re installing and login use the same mobile phone number.
  • You can got second chance with Twilio Authy Authenticator if mobile phone number still active whatever application have been uninstall or losing mobile phone

I use this app to store my 2fa and it's almost 10 years that I use it without ever getting any problems. The good thing about this app is that I can use it for multiple devices just by login via phone while the google auth can't do it.
sr. member
Activity: 1400
Merit: 283
DGbet.fun - Crypto Sportsbook
When we talk about security, we shouldn't care too much about convenience, just because we want to be convenient to use at the expense of our security and privacy. That's not worth the trade-off. We should not trust anyone but ourselves.

I see many people still using Authy and Google authen, that's really a warning to all of us. As I know, Authy was hacked by a hacker eight months ago. Although it hasn't caused any serious problems, it shows that hosting 2FA on online storage services is too risky. And there is no guarantee that they will continue to keep your 2FA data safe in the future. Google Authen is also a good 2FA app and quite popular because everyone trusts Google's reputation. Many people think they are large corporations, so there will be no problem, this is also the next misconception. Even national security data can be hacked, Google data is nothing, don't trust them too much because anything can happen. More importantly, both are closed-source applications, they collect user data without our permission, and we won't know what they will do with our data, so that's a true risk to us.

I used 2FAs in the past because I thought they didn't collect data and it was open source, but then thanks to @o_e_l_e_o I learned that they collect our data. So I switched to using Aegis Authenticator and am satisfied, and it deserves to be a genuine 2FA app.
My advice regarding passwords, 2FA, we shouldn't trust anyone or any organization, keep it to ourselves. Sometimes manual conversion or backup will take time but will bring high security for us. Use open source apps like Aegis, Tofu, and Raivo instead of closed source apps.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
Twilio Authy Authenticator
  • Its recommended authicator for securing your exchange account because when mobile phone is damaged and accidentally uninstall this application you can recovery back up trough log in with another mobile phone or re installing and login use the same mobile phone number.
  • You can got second chance with Twilio Authy Authenticator if mobile phone number still active whatever application have been uninstall or losing mobile phone

  • And pray no hacker would be able to access your account

In an update to its incident report on August 24, Twilio said that the hackers gained access to the accounts of 93 individual Authy users and registered additional devices, effectively allowing the attackers to generate login codes for any connected 2FA-enabled account.

People could minimize the risk by disabling multi-devices but keep in mind that authy could still acess some user information which from a malicious standpoint are still valueable. It's closed-source as well so you have to trust everything is okay on the background.

Only if you enabled a Backup Password can we know what 2FA accounts you have added:

For accounts added by a scanned QR code, the Authy app uploads the QR code. QR 2FA account sites/providers are free to decide what data is in the QR code, but typically this consists of the site name and the user name or email address.

Ease of use is nice but it does come with a cost, sadly.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
  • Its recommended authicator for securing your exchange account because when mobile phone is damaged and accidentally uninstall this application you can recovery back up trough log in with another mobile phone or re installing and login use the same mobile phone number.
  • You can got second chance with Twilio Authy Authenticator if mobile phone number still active whatever application have been uninstall or losing mobile phone


It also means that if your sim card is stolen then there is a possibility of all your accounts being hacked.
You might also become a victim sim cloning, sim swapping etc... which are potential risks.

This is a good topic though, as it shines some light on which authenticators are bad and which should be used instead.
sr. member
Activity: 2114
Merit: 309
this will be a marker if there is a withdrawal that is not made by the owner. There will be an email notification of the withdrawal code, if the withdrawal code is wrong, it will not be withdrawn even though it has 2FA on the lost smartphone.
All exchanged detected with new access account trough new IP address and need email confirmation beside 2fa its important thing when account withdrawing by not the real owner. OP is right about important 2fa authicator but its seems not problem when exchange account have submit 2fa when losing access by losing phone because resubmit KYC will give restore back to 2fa authication.

We must be careful so that the devices we use for activities and use for exchange are not lost. because it is quite important.
Device access and IP address for exchange account its important with all procedure from exchange market detecting new device or new IP, protect email account and use back up when have abnormal accessing device or IP access.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
I am using Google Authenticator till this day and I have no single problem using this Authenticator application, I have use 4 different types of android smartphones and I have import my Google authenticator account from one phone to another till this day I have no single problem using Google Authenticator on those phones.
2FA - Important Precautions with Google Authenticator

It is not an open source 2-factor authentication application and if you are an open-source enthusiast, you will not like it and will find alternatives (open-source will be your main consideration).

You should prioritize open-source things as you can verify it or at least other prominent developers can verify it. If the community did not report shady malicious things with that application, it looks good enough. For close-source applications, nobody can verify codes.
legendary
Activity: 2338
Merit: 1084
zknodes.org
I am using Google Authenticator till this day and I have no single problem using this Authenticator application, I have use 4 different types of android smartphones and I have import my Google authenticator account from one phone to another till this day I have no single problem using Google Authenticator on those phones.

People are worried that Google 2FA authenticity now have backup using Gmail account I don't have to be worried because the only account that I store using Google Gmail are crypto Exchange account.

if you are worried of losing your funds on crypto exchange use more than Google 2FA Authenticator, you can add up an extra withdrawal PIN code on binance exchange for example or set up your phone number as extra security before withdrawing on the exchange.
this will be a marker if there is a withdrawal that is not made by the owner. There will be an email notification of the withdrawal code, if the withdrawal code is wrong, it will not be withdrawn even though it has 2FA on the lost smartphone.

We must be careful so that the devices we use for activities and use for exchange are not lost. because it is quite important.
member
Activity: 111
Merit: 17
Depend your hands choose which one recommended authicator for securing exchanges account.

The authenticator is required to strengthen the password when logging into an exchange account.
Losing the phone will not affect the loss of access to the exchange account as long as the owner of the exchange account saves the key and/or saves the QR code for rescanning.

Choosing an authenticator application should be an open source one that has no relationship with the owner of the authenticator application.

If the OP meant the authenticator discussed is only for exchange account purposes, but don't store valuable money and coins there.
The coins stored on the exchange do not belong to the exchange account users but to those of the exchange owner.
sr. member
Activity: 952
Merit: 275
I am using Google Authenticator till this day and I have no single problem using this Authenticator application, I have use 4 different types of android smartphones and I have import my Google authenticator account from one phone to another till this day I have no single problem using Google Authenticator on those phones.

People are worried that Google 2FA authenticity now have backup using Gmail account I don't have to be worried because the only account that I store using Google Gmail are crypto Exchange account.

if you are worried of losing your funds on crypto exchange use more than Google 2FA Authenticator, you can add up an extra withdrawal PIN code on binance exchange for example or set up your phone number as extra security before withdrawing on the exchange.
legendary
Activity: 1526
Merit: 1032
Up to 300% + 200 FS deposit bonuses
Twilio Authy Authenticator

  • Its recommended authicator for securing your exchange account because when mobile phone is damaged and accidentally uninstall this application you can recovery back up trough log in with another mobile phone or re installing and login use the same mobile phone number.
  • You can got second chance with Twilio Authy Authenticator if mobile phone number still active whatever application have been uninstall or losing mobile phone

Yes, we have to always an active mobile phone number, If expired or damaged that will be a big problem.

In my country, that mobile phone number (SIM CARD) is have limited 1 month and must be recharged before expired next month, this situation is a problem also, especially if there is internet at home and forget to recharged mobile phone number (SIM CARD), then expired that can't be used it anymore, So if expired, we can't receive sort message or SMS to recovery Twilio Authy Authenticator, then all lost.

This is attention.
sr. member
Activity: 616
Merit: 442
Forum Only For Fun
I'm still very new to forums and my first post on forums was asking about wallet security because a basic technical wallet as storage is very important for both sender and receiver of coins.

Only 8 posts including this post in one month I made. Lazy? No. I'm taking the time to try to read discussions that I think are important for me to get answers about security. In the process of following each discussion I've come across authenticator security issues.

In my opinion, who is still a beginner, your recommendation is not to maintain security. It might give a signal to third parties to take our coins when the time comes.
Sorry if I was wrong in commenting on your post.
hero member
Activity: 1470
Merit: 790
ARTS & Crypto


According my experienced when my mobile phone have been damaged last month and loss access to google authicator does not store 16 digit code I faced difficult how to access with all exchanges account linked with both authicator between Twilio Authy Authenticator and Google Authicator .

I will explain about two authicator advantage and which one recommended for using.

Twilio Authy Authenticator

  • Its recommended authicator for securing your exchange account because when mobile phone is damaged and accidentally uninstall this application you can recovery back up trough log in with another mobile phone or re installing and login use the same mobile phone number.
  • You can got second chance with Twilio Authy Authenticator if mobile phone number still active whatever application have been uninstall or losing mobile phone

Google Authicator

  • Losing phone or this application uninstall you can't recovery back without saving 16 digit code because login access to this application not trough email or mobile phone number


Depend your hands choose which one recommended authicator for securing exchanges account.





I recommend the authenticator from Google as it is a large and reliable campaign. They will definitely not let you lose access without leaving you without support. If you have a phone number linked to a record or email, then you will be able to prove that it is you. It is easy to transfer all the data to a new device, just copy the export file.
I recommend it unequivocally.
copper member
Activity: 1498
Merit: 1619
Bitcoin Bottom was at $15.4k
Google Authenticator has recently provided an update that allows you to link your backup codes to an email address so the next time you re-install the app on any phone, just log in to your email and you will get all your 2FA codes available on the phone.

But that is the thing which people don't like. If you email address is compromised, you lose all the access.
sr. member
Activity: 658
Merit: 441
I've been using Google authenticator and it's working fine for me even when I lost my phone I was still able to get access to my exchange and other accounts. When creating a Google authenticator for a particular account, I always save my secret keys on my colornote which is backed up to Google server. So when I got a new phone, I just downloaded the colornote app and signed in with my email and password and my backed up notes and secret keys of all accounts were restored on the new phone.
legendary
Activity: 2380
Merit: 5213
You can got second chance with Twilio Authy Authenticator if mobile phone number still active whatever application have been uninstall or losing mobile phone
This means that your secret key is stored on their server. I would never recommend using such an application. It's recommended to use an open-source 2FA application which doesn't keep your data.
As mentioned above, you can use Aegis for Android and Tofu for iOS. If you worry about recovering your account in the future, just backup your accounts.
legendary
Activity: 2366
Merit: 1272
Heisenberg
You literally listed the least recommended 2 factor authenticators anyone should use out there  Cheesy

The fact that your backup is stored in the cloud and the apps are not open source should be enough to keep you away from those apps when it comes to security of your accounts.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
Your post is against what is on this thread: To Electrum 2FA wallet users and other bitcoin 2FA wallet users

You can now synchronize google 2FA with google cloud with your email, which is the reason you should not use it. This is the reason Authy is not also recommend.

You can read that thread. The authenticators people mention to be good are:

  • Aegis, for Android
  • Tofu for iOS
  • Raivo for iOS

Each site will give you the secret code, backup the secret code offline in more than one places where they are safe.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
It can be used for many types of account, not only exchange account. Your topic title is not general enough.

If you want an open source 2-factor authentication application, let's consider.

Pages:
Jump to: