
Topic: Security Alert: Update your Authy to the latest version (Read 135 times)

legendary
Activity: 1414
Merit: 1118
...gambling responsibly. Do not be addicted.
You can backup to Google Drive for example[1]. If you want to manually make a backup of your file, then it will be saved on a folder in the local device. However, if you choose to "Export" your encrypted vault the program allows you to save your file in a cloud provider, provided that you have it installed.
I saw the Android cloud backup on Aegis but the manual backup is safer. Online backup is easier, especially during migration from one device to another, but it is not safe at all. We heard of the LastPass password manager issue two years ago, but funds were later stolen from LastPass users. The issue can start from something taken for granted until people regret it.
legendary
Activity: 1064
Merit: 3052
Use Aegis, an open source 2FA. Google Authy is closed source.
Just for the clarification, does Aegis support online backing up of the 2FA keys? snip
You can backup to Google Drive for example[1]. If you want to manually make a backup of your file, then it will be saved on a folder in the local device. However, if you choose to "Export" your encrypted vault the program allows you to save your file in a cloud provider, provided that you have it installed.

[1]https://github.com/beemdevelopment/Aegis/issues/258
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
Use Aegis, an open source 2FA. Google Authy is closed source.
Just for the clarification, does Aegis support online backing up of the 2FA keys? Local backups are kind of a pain for me! I like to test different OS/custom ROMs, and it requires a full format of device data. Factory reset, reinstall, backup, import, export are all a hassle when you are frequently doing this kind of stuff. That was the only reason why I use Google Authenticator. Even a week ago I changed my Android OS to a different build from a different developer.
legendary
Activity: 938
Merit: 1235
You can also turn off the 2FA synchronization in Google Authenticator if exporting your accounts is too much of a PITA.
I did not understand what you meant here. You mean it is possible to turn off the synchronization on Google Authenticator if you do not want to export the authenticator codes that you set up already? You do not need the online synchronization before you can export your Google Authenticator account. As for recommendation, any 2FA application that backs up online should not be used.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Google Authenticator now supports Google Account synchronization; the update was done on the 24th of April last year according to that article.
Synchronization can be the start of a nightmare.

A 2-factor authentication application must be an independent one and doesn't need to be synchronized with your Google account. If the Google account is hacked, you will lose a lot of information there, including the 2FA backup.

Use Aegis, an open source 2FA. Google Authy is closed source.

https://getaegis.app/

You can also turn off the 2FA synchronization in Google Authenticator if exporting your accounts is too much of a PITA.
hero member
Activity: 1722
Merit: 801
Google Authenticator now supports Google Account synchronization; the update was done on the 24th of April last year according to that article.
Synchronization can be the start of a nightmare.

A 2-factor authentication application must be an independent one and doesn't need to be synchronized with your Google account. If the Google account is hacked, you will lose a lot of information there, including the 2FA backup.

Use Aegis, an open source 2FA. Google Authy is closed source.

https://getaegis.app/
legendary
Activity: 1414
Merit: 1118
...gambling responsibly. Do not be addicted.
I don't think there's an online backup. It does have an export option, but you can only export them if you are going to move the authenticator to a new device, because it would generate a QR code that you need to scan to another device.
It has an online backup. Some people said it was optional but I updated the authenticator last year or 2 years ago and I saw that it has been backed up online. I did not know how it happened until it was too late.

I never tried exporting my authenticator with email. I saw this as another option, but you can just ignore it and use the QR code option instead if you want to export and move it to a new device.
I do not believe in QR code backups. I backup the secret code generated on the site (like exchanges) which should be backed up. I prefer it that way.
hero member
Activity: 602
Merit: 638
I thought Google authenticator is encouraging online backup. That has been the reason I do not like it.
I don't think there's an online backup. It does have an export option, but you can only export them if you are going to move the authenticator to a new device, because it would generate a QR code that you need to scan to another device. I never tried exporting my authenticator with email. I saw this as another option, but you can just ignore it and use the QR code option instead if you want to export and move it to a new device.
Actually, there is an online backup where you will be required to permit the authenticator app to synchronise with any Gmail account linked to your device. Most times, it uses your primary email by default to conduct the backup.
 
This has been effective on Google Authenticator since last year. If I can remember correctly, let me search to see if I can find the link to the update.

Edit: Google Authenticator now supports Google Account synchronization; the update was done on the 24th of April last year according to that article.
legendary
Activity: 3304
Merit: 3037
BTC price road to $80k
I thought Google authenticator is encouraging online backup. That has been the reason I do not like it.


I don't think there's an online backup. It does have an export option, but you can only export them if you are going to move the authenticator to a new device, because it would generate a QR code that you need to scan to another device. I never tried exporting my authenticator with email. I saw this as another option, but you can just ignore it and use the QR code option instead if you want to export and move it to a new device.

However, saving the secret code to an offline device is still the best way to back up your authenticator for future recovery, and ignore all export options from the app.
full member
Activity: 1176
Merit: 165
Currently using Google Authenticator. Don't know how safe it is. But at least there is no chance of losing the 2FA keys unless my Gmail is lost/hacked/compromised.

Guys, any recommendations?
Google Authenticator is a closed-source authenticator app, which is not advisable for you to use in the first place.

So I will advise you to check out the list of open source recommended authenticator apps and use one.

Best 2FA applications to use. Open source, free, secure. Better than Google's
I know of a good open source authenticator app (https://github.com/beemdevelopment/Aegis), but I'm not sure if it supports online backups. The last time I checked, I can't remember much, but it didn't have any online backup system. And since Google Authenticator has an online backup system, I am using it even if it's closed source. It's very convenient for me to login and access my keys and codes. I just have to login to my Gmail.
When you want to link your authenticator to any app, exchange, or anywhere at all, there is a code that is being generated. Either you manually type it in to the authenticator or you use the scanner to scan it and then input the generated code to make the linking successful.
 
You can manually write down that code each time for each app and make sure you have it backed up in a safe place so that if you lose access to the app, you can use that signature to restore it.
 
Backing your Google authenticator app to your cloud is a very risky thing for you to do. Once the email linked to that cloud is hacked, the authenticator's data is also compromised, as anyone who has access to the email can access your authenticator too.

Offline backup for anything remains the best for everything as it can't be hacked by anyone since it's not uploaded online.
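
The setup code described in the post above is the TOTP shared secret carried in the enrollment QR code. As an added example (not part of the original post), this sketch parses a constructed `otpauth://` URI and shows that a written-down secret alone reproduces the same codes on a fresh device. `ExampleExchange`, `alice@example.com` and the function names are illustrative assumptions; the secret is the published RFC 6238 test key.

```python
import base64, hashlib, hmac, struct
from urllib.parse import urlparse, parse_qs, unquote

# Constructed enrollment URI; the secret is the RFC 6238 test key, not a real account.
SAMPLE_URI = ("otpauth://totp/ExampleExchange:alice%40example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
              "&issuer=ExampleExchange&digits=6&period=30")

def parse_otpauth(uri):
    """Return what an authenticator stores after scanning the QR code."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc != "totp":
        raise ValueError("not a TOTP enrollment URI")
    q = parse_qs(u.query)
    return {
        "label": unquote(u.path.lstrip("/")),
        "secret": q["secret"][0],
        "digits": int(q.get("digits", ["6"])[0]),
        "period": int(q.get("period", ["30"])[0]),
    }

def totp(secret_b32, unix_time, digits=6, period=30):
    """RFC 6238 TOTP with HMAC-SHA1, the default most sites use."""
    cleaned = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))
    counter = struct.pack(">Q", int(unix_time) // period)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def restore_and_generate(written_down_secret, unix_time):
    """A fresh device that was given only the paper backup of the secret."""
    return totp(written_down_secret, unix_time)

if __name__ == "__main__":
    entry = parse_otpauth(SAMPLE_URI)
    t = 59  # fixed timestamp so the output is reproducible
    print("original device:", totp(entry["secret"], t))
    # Same secret as written on paper, in groups of four and lower case.
    paper = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"
    print("restored device:", restore_and_generate(paper, t))
```

Both lines print the same code, which is why a copy of the secret works as a backup and also why anyone who obtains that copy, on paper or from a synced cloud account, can generate valid codes.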
legendary
Activity: 1414
Merit: 1118
...gambling responsibly. Do not be addicted.
I stopped using other 3rd party authenticator apps. I kept using Google Authenticator, which doesn't ask for a phone number or email. You can use it without them; just make sure you separately save your backup codes to a safe place so that you can use them in another app or use them for recovery purposes.
I thought Google authenticator is encouraging online backup. That has been the reason I do not like it.

Authy is not the best authenticator since before their data always got breached and it isn't safe anymore to use in any exchange accounts.
I will prefer not to use any authenticator that encourages online backup like Authy like I have said before. The authenticator is as bad as Google authenticator which is also encouraging users data backup.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
Currently using Google Authenticator. Don't know how safe it is. But at least there is no chance of losing the 2FA keys unless my Gmail is lost/hacked/compromised.

Guys, any recommendations?
Google Authenticator is a closed-source authenticator app, which is not advisable for you to use in the first place.

So I will advise you to check out the list of open source recommended authenticator apps and use one.

Best 2FA applications to use. Open source, free, secure. Better than Google's

I know of a good open source authenticator app (https://github.com/beemdevelopment/Aegis), but I'm not sure if it supports online backups. The last time I checked, I can't remember much, but it didn't have any online backup system. And since Google Authenticator has an online backup system, I am using it even if it's closed source. It's very convenient for me to login and access my keys and codes. I just have to login to my Gmail.

For example, if I lose my device, is there any way to recover my keys again? Because AFAIK for the apps you suggested everything is stored locally.

Aegis was included in your link!!! Oops, I didn't click your link and started writing my reply.


full member
Activity: 1176
Merit: 165
Currently using Google Authenticator. Don't know how safe it is. But at least there is no chance of losing the 2FA keys unless my Gmail is lost/hacked/compromised.

Guys, any recommendations?
Google Authenticator is a closed-source authenticator app, which is not advisable for you to use in the first place.

So I will advise you to check out the list of open source recommended authenticator apps and use one.

Best 2FA applications to use. Open source, free, secure. Better than Google's
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
I used Twilio, aka Authy, in the past and had a bitter experience using it. For some reason, I had to factory reset my device and lost the Authy login data in the process. After recovering, I was asked for the master password. Basically, all my keys were encrypted in cloud storage, but I couldn't remember what the password was. Without it, the keys cannot be decrypted. Even though I had the original email and number associated with the account, I couldn't reset my password. It's a one-way system kind of thing. If you forget it, you can't reset it (I don't remember much, but it was something like that). And in the end, I lost all my 2FA keys and had to leave Authy. Luckily, I had manually backed up my keys.

Currently using Google Authenticator. Don't know how safe it is. But at least there is no chance of losing the 2FA keys unless my Gmail is lost/hacked/compromised.

Guys, any recommendations?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
You should not have to sign up for an authenticator app or create an account in order to be able to use it. What kind of logic is that anyway? Even Google Authenticator and Microsoft Authenticator don't make me sign into my account before I use them.
legendary
Activity: 3304
Merit: 3037
BTC price road to $80k
I stopped using other 3rd party authenticator apps. I kept using Google Authenticator, which doesn't ask for a phone number or email. You can use it without them; just make sure you separately save your backup codes to a safe place so that you can use them in another app or use them for recovery purposes.

Authy is not the best authenticator since before their data always got breached and it isn't safe anymore to use in any exchange accounts.

Look at the old news about this below

- https://www.engadget.com/twilio-authy-data-breach-202314313.html
legendary
Activity: 1414
Merit: 1118
...gambling responsibly. Do not be addicted.
I saw on the news a day or two ago how Authy users' data (maybe email or phone number) was leaked. I am not an Authy user and I cannot use it at all. We have warned people several times not to use authenticators that will collect some personal information from you. There are better 2FA apps like Authy and Tofu.

Maybe it is online data breach which has been used to have access to Authy users account that we are going to see next on the news. Stop using Authy.
hero member
Activity: 2842
Merit: 772
Twilio, a cloud communication provider, recently raised a security bulletin about unidentified entities that were able to take advantage of an unauthenticated endpoint in Authy (a free mobile app for two-factor authentication) to filter out identities of data associated with Authy accounts, which include cell phone numbers.



https://www.twilio.com/en-us/changelog/Security_Alert_Authy_App_Android_iOS

This is so important for crypto traders as we could have been using Authy as 2FA for our online accounts. So for members who are using Authy, better to update your apps to the latest version as per advisory.