Pages:
Author

Topic: Security Alert: Update your Authy to the latest version - page 2. (Read 269 times)

sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
Currently using Google Authenticator. Don't know how safe it is. But at least there is no chance of losing the 2FA keys unless my Gmail is lost/hacked/compromised.

Guys any recommendations?  Smiley
Google authenticator is a close source authenticator app which is not advisable for you to use in the first place.

So I will advice you to check out the list of open source recommended authenticator app and use.

Best 2FA applications to use. Open source, free, secure. Better than Google's

I know of a good open source authenticator app (https://github.com/beemdevelopment/Aegis), but I'm not sure if it supports online backups. The last time I checked, I can't remember much, but it didn't have any online backup system. And since Google Authenticator has an online backup system, I am using it even if it's closed source. It's very convenient for me to login and access my keys and codes. I just have to login to my Gmail.

For example, if I loss my device is there any way to recover my keys again? Because AFAIK for the apps you suggested everything is stored locally.

Aegis was included in your link!!! Opps, I didn't clicked your link and started writing my reply.  Tongue


sr. member
Activity: 1288
Merit: 231
Hire Bitcointalk Camp. Manager @ r7promotions.com
Currently using Google Authenticator. Don't know how safe it is. But at least there is no chance of losing the 2FA keys unless my Gmail is lost/hacked/compromised.

Guys any recommendations?  Smiley
Google authenticator is a close source authenticator app which is not advisable for you to use in the first place.

So I will advice you to check out the list of open source recommended authenticator app and use.

Best 2FA applications to use. Open source, free, secure. Better than Google's
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
I used Twillio, aka Authy, in the past and had bitter experience using it. For some reasons, I had to factory reset my device and lost Authy login data in the process. After recovering, I was asked for the master password. Basically, all my keys were encrypted in cloud storage, but I couldn't remember what the password was. Without it, the keys cannot be decrypted. Even though I had the original email and number associated with the account, I couldn't reset my password. It's a one way system kind of thing. If you forget it, you can't reset it (I don't remember much, but it was something like that). And in the end, I lost every 2FA keys and had to leave Authy. Luckily, I had manually backed up my keys.

Currently using Google Authenticator. Don't know how safe it is. But at least there is no chance of losing the 2FA keys unless my Gmail is lost/hacked/compromised.

Guys any recommendations?  Smiley
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
You should not have to sign up for an authenticator app or create an account in order to be able to use it. What kind of logic is that anyway? Even Google Authenticator and Microsoft Authenticator don't make me sign into my account before I use them.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
I stopped other 3rd party authenticator apps I kept using Google Authenticator which doesn't ask for a phone number or email you can use it without them just make sure you separately save your backup codes to a safe place so that you can use them in other app or use it for recovery purposes.

Authy is not the best authenticator since before their data always got breached and it isn't safe anymore to use in any exchange accounts.

Look at the old news about this below

- https://www.engadget.com/twilio-authy-data-breach-202314313.html
legendary
Activity: 1652
Merit: 1208
Gamble responsibly
I saw on news like a day or two days ago about how Authy users data (maybe email or phone number) were leaked. I am not an Authy user and I can not use it at all. We have warned people several times not to use the authenticators that will collect some personal information from you. There are better 2FA apps like Authy and Tofu.

Maybe it is online data breach which has been used to have access to Authy users account that we are going to see next on the news. Stop using Authy.
hero member
Activity: 2842
Merit: 772
Twillio, a cloud communication provider recently raises a security bulletin about a unidentified entities was able to take advantage of an unauthenticated endpoint in Authy (a free mobile app for two-factor authentication), to filter out identities of data associated with Authy accounts which include cell phone numbers.



https://www.twilio.com/en-us/changelog/Security_Alert_Authy_App_Android_iOS

This is so important for crypto traders as we could have been using Authy as 2FA for our online accounts. So for members who are using Authy, better to update your apps to the latest version as per advisory.
Pages:
Jump to: