Author

Topic: So I dropped my phone in the water with all the 2fa keys on it... (Read 1341 times)

legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
LOL, yeah you can do it with any of these scammers' signature codes. Just copy their template and change the wording and links to suit.

I got the idea from someone else here I'd seen had done it so I can't take the credit for it.



sr. member
Activity: 434
Merit: 250
Loose lips sink sigs!
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.


I want to join your signature campaign, hahaha. Sorry for the hijack post, couldn't help passing this up.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The problem of Authy is that it is "online" which is not secure. However, some sees that as an advantage.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

Website have to manually implement this option. For example, Twitter has backup codes.

As long as you save and secure your pairing code, you are safe.
legendary
Activity: 1764
Merit: 1000

Do you have the desktop fully set up with your phone and does your phone automatically allow apps to sync data? Because some people have that permission switched off to save on potential data charges.


yep, got it fully synced and backup enabled. authy codes work on both mobile and desktop. that's what confuses me the most
legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
I got google 2fas on authy, however, they only work on my mobile. desktop is always off (checked clock sync) - but only the non-authy 2fas

Do you have the desktop fully set up with your phone and does your phone automatically allow apps to sync data? Because some people have that permission switched off to save on potential data charges.
legendary
Activity: 1764
Merit: 1000
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.



the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please

Well I've got authy on multiple devices including laptops and desktop and all of my 2fa codes for all services, including Google's login 2fa are there.

You can protect the desktop version with a master password for opening, but I get your point.

The ability to create backups of all your 2fa codes is there as well, which is a whole lot more useful than Google's offering. Yes, I know you can argue for limiting the spread of which devices your run on and where you keep your backups but, to be honest with you, I'm more concerned about losing my 2fa codes than I am about being targeted by a hacker who can crack my password manager and my authy.



I got google 2fas on authy, however, they only work on my mobile. desktop is always off (checked clock sync) - but only the non-authy 2fas
legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
I like your signature. Tongue Guess not many will realize its content.

Thanks, yeah I've got a thing about scam cloud mining sites and the negative repercussions on the wider cryptosphere.

Is Authy creating the same codes like 2FA or does the site owner need to use it?

Authy can handle any 2fa, including the 'standard'. So, if Google's Authenticator can work for a site, then Authy most definitely will.

It's just a predefined cryptographic code sequence, it isn't unique to Google.
legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.



the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please

Well I've got authy on multiple devices including laptops and desktop and all of my 2fa codes for all services, including Google's login 2fa are there.

You can protect the desktop version with a master password for opening, but I get your point.

The ability to create backups of all your 2fa codes is there as well, which is a whole lot more useful than Google's offering. Yes, I know you can argue for limiting the spread of which devices your run on and where you keep your backups but, to be honest with you, I'm more concerned about losing my 2fa codes than I am about being targeted by a hacker who can crack my password manager and my authy.

legendary
Activity: 2674
Merit: 1083
Legendary Escrow Service - Tip Jar in Profile
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.



I like your signature. Tongue Guess not many will realize its content.

Is Authy creating the same codes like 2FA or does the site owner need to use it?

Im not sure that it makes sense to install it on desktop. The whole purpose of 2FA is to protect your accounts against hacking and so on. When you have your password and your 2FA on the desktop then the risk is high. If you have 2FA on smartphone then the hacker would need to hack both.
legendary
Activity: 1764
Merit: 1000
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.



the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please
legendary
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

legendary
Activity: 2674
Merit: 1083
Legendary Escrow Service - Tip Jar in Profile
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.

Yup, I disabled and enabled my 2fa so I can back up my keys on paper.
Took a while to write random gibberish down but it brings peace to my mind.

You could print screen and print the code instead, then no need to write random gibberish unless the worse happen. And you always can write things wrong, so it is not secure too

Yes. Or simply safe it in some textfile and make encrypted backups from it.

Writing down can be safe too when you dont add the 2FA by using the QR-Code but instead writing the code down and manually enter it in the smartphone. Since you have to enable 2FA on the site with a correct 2FA-Code later, you know for sure that you noted down the creation code correctly.
legendary
Activity: 1120
Merit: 1000
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.

Yup, I disabled and enabled my 2fa so I can back up my keys on paper.
Took a while to write random gibberish down but it brings peace to my mind.

You could print screen and print the code instead, then no need to write random gibberish unless the worse happen. And you always can write things wrong, so it is not secure too
sr. member
Activity: 290
Merit: 250
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.

Yup, I disabled and enabled my 2fa so I can back up my keys on paper.
Took a while to write random gibberish down but it brings peace to my mind.
legendary
Activity: 2674
Merit: 1083
Legendary Escrow Service - Tip Jar in Profile
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
I have Google authenticator on iphone. Can I just copy and crop the QR code and save it onto my computer? Is that sufficient enough to back it up?

No. You need to backup the pairing code. The one you enter/scan before the codes start appear in your authenticator.
sr. member
Activity: 290
Merit: 250
I have Google authenticator on iphone. Can I just copy and crop the QR code and save it onto my computer? Is that sufficient enough to back it up?
sr. member
Activity: 310
Merit: 256
Photon --- The First Child Of Blake Coin --Merged
suggestion

use a qt client for conis not a phone


there are ways to 'reproduce' or 'emulate' the 2fa environment on a laptop of desktop,


im sorry you had trouble,


sr. member
Activity: 476
Merit: 252
ImmVRse | Disrupting the VR industry
You can always backup google authenticator with titanium backup and save the backup on your computer (if you are using android)
Or you can save each QR-code of the initial add of the 2fa.
full member
Activity: 168
Merit: 100
Ya putting it in a bowl of rice always works
full member
Activity: 235
Merit: 100
I got my phone working again with the rice in the bag trick!

But how do I back up my keys just in case same thing happens again? (knock on wood)
So, write down your keys on a paper and don't let it others to know.
sr. member
Activity: 290
Merit: 250
I got my phone working again with the rice in the bag trick!

But how do I back up my keys just in case same thing happens again? (knock on wood)
legendary
Activity: 812
Merit: 1000
So I dropped my phone in the water with all the 2fa keys to all of my accounts and wallets on it. Can anyone tell me from experience how difficult it is to retrieve and regain access to my accounts and wallet? I have LBC, Block Chain, Circle, Coinbase, and Cryptothrift.

Its possible on some services to get access again you just have to wait a while once you have told them.  They must check you are not a hacker trying to get access.

I have the same deal as you if i drop my phone in the water/lose it.
legendary
Activity: 1722
Merit: 1000
Satoshi is rolling in his grave. #bitcoin
How is it possible that you sim card got damaged in water? mine was few times and it's working just fine.
Can't you just use it on a new phone with same sim card? I'm assuming u're getting 2fa codes to that number..

cheers
sr. member
Activity: 268
Merit: 258
If you contact your cell carrier and get a new sim card for your number from them and put that into another phone, you should be able to verify with whatever 2fa service you use to reset everything for your new phone.
legendary
Activity: 2590
Merit: 3015
Welt Am Draht
I had a 2FA failure with a couple of websites. They were able to bypass and reset it with some extra info including an email from the registered address and an educated guess of my balances. It's totally down to their discretion though.
sr. member
Activity: 290
Merit: 250
So I dropped my phone in the water with all the 2fa keys to all of my accounts and wallets on it. Can anyone tell me from experience how difficult it is to retrieve and regain access to my accounts and wallet? I have LBC, Block Chain, Circle, Coinbase, and Cryptothrift.

https://accounts.google.com/b/0/SmsAuthSettings this link if it was a google auth. Use the back up codes at the end of the page.

That's what I use!
Thank you !!!
legendary
Activity: 1078
Merit: 1024
So I dropped my phone in the water with all the 2fa keys to all of my accounts and wallets on it. Can anyone tell me from experience how difficult it is to retrieve and regain access to my accounts and wallet? I have LBC, Block Chain, Circle, Coinbase, and Cryptothrift.

https://accounts.google.com/b/0/SmsAuthSettings this link if it was a google auth. Use the back up codes at the end of the page.
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
So I dropped my phone in the water with all the 2fa keys to all of my accounts and wallets on it. Can anyone tell me from experience how difficult it is to retrieve and regain access to my accounts and wallet? I have LBC, Block Chain, Circle, Coinbase, and Cryptothrift.

Its pretty easy if you have backups.

I fear not Sad

Contact each service directly and ask for their procedure in this case. It will probably take a while.
sr. member
Activity: 290
Merit: 250
So I dropped my phone in the water with all the 2fa keys to all of my accounts and wallets on it. Can anyone tell me from experience how difficult it is to retrieve and regain access to my accounts and wallet? I have LBC, Block Chain, Circle, Coinbase, and Cryptothrift.

Its pretty easy if you have backups.

I fear not Sad
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
So I dropped my phone in the water with all the 2fa keys to all of my accounts and wallets on it. Can anyone tell me from experience how difficult it is to retrieve and regain access to my accounts and wallet? I have LBC, Block Chain, Circle, Coinbase, and Cryptothrift.

Its pretty easy if you have backups.
sr. member
Activity: 290
Merit: 250
So I dropped my phone in the water with all the 2fa keys to all of my accounts and wallets on it. Can anyone tell me from experience how difficult it is to retrieve and regain access to my accounts and wallet? I have LBC, Block Chain, Circle, Coinbase, and Cryptothrift.
Jump to: