Pages:
Author

Topic: So I dropped my phone in the water with all the 2fa keys on it... (Read 1341 times)

legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
LOL, yeah you can do it with any of these scammers' signature codes. Just copy their template and change the wording and links to suit.

I got the idea from someone else here I'd seen had done it so I can't take the credit for it.



sr. member
Activity: 434
Merit: 250
Loose lips sink sigs!
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.


I want to join your signature campaign, hahaha. Sorry for the hijack post, couldn't help passing this up.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The problem of Authy is that it is "online" which is not secure. However, some sees that as an advantage.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

Website have to manually implement this option. For example, Twitter has backup codes.

As long as you save and secure your pairing code, you are safe.
legendary
Activity: 1764
Merit: 1000

Do you have the desktop fully set up with your phone and does your phone automatically allow apps to sync data? Because some people have that permission switched off to save on potential data charges.


yep, got it fully synced and backup enabled. authy codes work on both mobile and desktop. that's what confuses me the most
legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
I got google 2fas on authy, however, they only work on my mobile. desktop is always off (checked clock sync) - but only the non-authy 2fas

Do you have the desktop fully set up with your phone and does your phone automatically allow apps to sync data? Because some people have that permission switched off to save on potential data charges.
legendary
Activity: 1764
Merit: 1000
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.



the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please

Well I've got authy on multiple devices including laptops and desktop and all of my 2fa codes for all services, including Google's login 2fa are there.

You can protect the desktop version with a master password for opening, but I get your point.

The ability to create backups of all your 2fa codes is there as well, which is a whole lot more useful than Google's offering. Yes, I know you can argue for limiting the spread of which devices your run on and where you keep your backups but, to be honest with you, I'm more concerned about losing my 2fa codes than I am about being targeted by a hacker who can crack my password manager and my authy.



I got google 2fas on authy, however, they only work on my mobile. desktop is always off (checked clock sync) - but only the non-authy 2fas
legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
I like your signature. Tongue Guess not many will realize its content.

Thanks, yeah I've got a thing about scam cloud mining sites and the negative repercussions on the wider cryptosphere.

Is Authy creating the same codes like 2FA or does the site owner need to use it?

Authy can handle any 2fa, including the 'standard'. So, if Google's Authenticator can work for a site, then Authy most definitely will.

It's just a predefined cryptographic code sequence, it isn't unique to Google.
legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.



the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please

Well I've got authy on multiple devices including laptops and desktop and all of my 2fa codes for all services, including Google's login 2fa are there.

You can protect the desktop version with a master password for opening, but I get your point.

The ability to create backups of all your 2fa codes is there as well, which is a whole lot more useful than Google's offering. Yes, I know you can argue for limiting the spread of which devices your run on and where you keep your backups but, to be honest with you, I'm more concerned about losing my 2fa codes than I am about being targeted by a hacker who can crack my password manager and my authy.

legendary
Activity: 2674
Merit: 1083
Legendary Escrow Service - Tip Jar in Profile
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.



I like your signature. Tongue Guess not many will realize its content.

Is Authy creating the same codes like 2FA or does the site owner need to use it?

Im not sure that it makes sense to install it on desktop. The whole purpose of 2FA is to protect your accounts against hacking and so on. When you have your password and your 2FA on the desktop then the risk is high. If you have 2FA on smartphone then the hacker would need to hack both.
legendary
Activity: 1764
Merit: 1000
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.



the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please
legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

legendary
Activity: 2674
Merit: 1083
Legendary Escrow Service - Tip Jar in Profile
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.

Yup, I disabled and enabled my 2fa so I can back up my keys on paper.
Took a while to write random gibberish down but it brings peace to my mind.

You could print screen and print the code instead, then no need to write random gibberish unless the worse happen. And you always can write things wrong, so it is not secure too

Yes. Or simply safe it in some textfile and make encrypted backups from it.

Writing down can be safe too when you dont add the 2FA by using the QR-Code but instead writing the code down and manually enter it in the smartphone. Since you have to enable 2FA on the site with a correct 2FA-Code later, you know for sure that you noted down the creation code correctly.
legendary
Activity: 1120
Merit: 1000
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.

Yup, I disabled and enabled my 2fa so I can back up my keys on paper.
Took a while to write random gibberish down but it brings peace to my mind.

You could print screen and print the code instead, then no need to write random gibberish unless the worse happen. And you always can write things wrong, so it is not secure too
sr. member
Activity: 290
Merit: 250
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.

Yup, I disabled and enabled my 2fa so I can back up my keys on paper.
Took a while to write random gibberish down but it brings peace to my mind.
legendary
Activity: 2674
Merit: 1083
Legendary Escrow Service - Tip Jar in Profile
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
I have Google authenticator on iphone. Can I just copy and crop the QR code and save it onto my computer? Is that sufficient enough to back it up?

No. You need to backup the pairing code. The one you enter/scan before the codes start appear in your authenticator.
sr. member
Activity: 290
Merit: 250
I have Google authenticator on iphone. Can I just copy and crop the QR code and save it onto my computer? Is that sufficient enough to back it up?
sr. member
Activity: 310
Merit: 256
Photon --- The First Child Of Blake Coin --Merged
suggestion

use a qt client for conis not a phone


there are ways to 'reproduce' or 'emulate' the 2fa environment on a laptop of desktop,


im sorry you had trouble,


sr. member
Activity: 476
Merit: 252
ImmVRse | Disrupting the VR industry
You can always backup google authenticator with titanium backup and save the backup on your computer (if you are using android)
Or you can save each QR-code of the initial add of the 2fa.
full member
Activity: 168
Merit: 100
Ya putting it in a bowl of rice always works
Pages:
Jump to: