2FA Options - Which is best? POLL

[foxkyu]

Authy is the best for me, don't have a problem with it so far.
i don't have android, so i use authy for pc, and so far so good.
is different authy and GA 

[Bralex]

I use google authenticator and will continue doing so for as long as it is safe and as easy to use as it is, never needed support i save my key so if anything ever happens to my phone i can still get on the site to change the 2fa. Super quick and easy to use i have not needed to look else where because in my honest opinion it is the best and you shouldn't try fix something that isn't broke. #1

[GigaBit]

I always take the time... to fucking disable those!!
Hate having my time wasted every time I log in for nazi control non-sense posing for my security.
Well, for you security and oral health, don't fucking bother me with BS.
I'm not a Bush made sheep who needs security at every corner of life, I can handle risk very well.
If I lose coin... well, I won't because I don't deal with exchanges and pools auto-payout.
If I do, it will be minimal and my own fault...
Leaving coin in an exchange or pool is like leaving a pan full of Gold out in the weather.

The End.

[Q7]

I use google authenticator since you can never go wrong trusting a big technology-invested corporation like them. The next best thing apart from GA is perhaps Authy since they also have the option to sync tokens on multiple devices together and it comes especially useful for people like me who uses tablets, pc and my mobile depending on my mood and location. 

[crazyivan]

I really like authy, it has never failed me, UI s much better then Google and their support s fast and responsive.
Besides these two, I have not tried the rest.

[bryant.coleman]

I have been using Google Authenticator for many years now. They are secure, reliable and cheap. The other options are not that easy to use, and most of them are very expensive.

[tzortz]

Expensive?

Can you please elaborate a little more?

[blumangroup]

I always take the time... to fucking disable those!!
Hate having my time wasted every time I log in for nazi control non-sense posing for my security.
Well, for you security and oral health, don't fucking bother me with BS.
I'm not a Bush made sheep who needs security at every corner of life, I can handle risk very well.
If I lose coin... well, I won't because I don't deal with exchanges and pools auto-payout.
If I do, it will be minimal and my own fault...
Leaving coin in an exchange or pool is like leaving a pan full of Gold out in the weather.

The End.

Why are you so angry about a simple question all you needed to say was, (No i use none of them 2fa's as i disable them every time) Nice and easy but no you have to go all crazy on us lol just calm down and take a moment before posting in future.

Oh and why the need to disable, i have never had to disable it because if i didn't want it i would not enable you ya understand?

It takes a few seconds to type in some numbers shame you find it so difficult.

(op) I use and have voted Google it has been good to me so far so i won't be changing.

Cheers.

[gentlemand]

None of the above.

I don't trust authenticator apps. My phone has repeatedly fucked up despite fiddling with the time sync. Every time I use it I fully expect to be locked out.

I'll go for one time codes written on paper.

[QuestionAuthority]

I couldn't vote because you don't have an option for LastPass with RSA SecurID.

[fox19891989]

Must be GA, I have used Authy in cryptsy exchange, but it is not cool as GA.

Reasons:

1. Google has the most advantage tech, I think it must be the safest 2FA.
2. GA is widely used in recent years, I even don't know other 2FA except authy.
3. I have used GA for 2 years, and no hackers, no stealing, it must be the best.

[bryant.coleman]

Expensive?

Can you please elaborate a little more?

The Google Authenticator is a free application and requires no fee, while the other options such as Yubikey are expensive. Yubikey costs anywhere from $25 to $500. Check this for more details:

https://store.yubico.com/

[Blazr]

In my honest opinion the best 2FA option is the google authenticator app. It is easiest and free option, maybe they can allow to buckup our codes and send them to a personal email address.

This. In the past Google released an update for Google Authenticator that had a bug that accidentally deleted some users codes.

Google intentionally didn't put in a way to back up codes as their plan is that if you lose a code you need to verify yourself with the service and they give you a new code. The problem is some websites, such as BTC-e, don't have the proper procedures in place to reset 2FA, so if you lose your code you may not be able to regain access to your account. This is particularly bad for Bitcoin websites due to the fact the bitcoin community loves anonymity, as it is difficult to verify yourself when you are anonymous.

I personally think that the security that 2FA provides is significantly over-hyped. If the device you are logging in with is infected with viruses they can hijack your session when you login and have full access to the account. The only scenario 2FA protects against is if an attacker has obtained your password without compromising your PC, this usually means you've fallen victim to a phishing scam or you reuse passwords or have significantly weak passwords, a password manager such as LastPass or KeePass does a better job at protecting you from those threats than 2FA.

[bryant.coleman]

The problem is some websites, such as BTC-e, don't have the proper procedures in place to reset 2FA, so if you lose your code you may not be able to regain access to your account.

One of my friends faced the same issue with BTC-e. But he was allowed to access his account in a few days time, after he was able to convince them that he was the rightful owner of the account. The problem with BTC-e is that their support staff speaks only Russian and it takes a lot of effort to communicate with them.

[redsn0w]

The problem is some websites, such as BTC-e, don't have the proper procedures in place to reset 2FA, so if you lose your code you may not be able to regain access to your account.

One of my friends faced the same issue with BTC-e. But he was allowed to access his account in a few days time, after he was able to convince them that he was the rightful owner of the account. The problem with BTC-e is that their support staff speaks only Russian and it takes a lot of effort to communicate with them.

It was happened the same thing to me not on btc-e but on bittrex. I have recovered my iPhone and lost all the app (I didn't buckup anything). After I have contacted their support through email and they have asked me only the last activity of my account, finally in less than 48 hours my account was "unlocked" without the 2FA. So I raccomebd to all who are trading me, to save the code ( or qrcode, when you will be activate it).

[bryant.coleman]

It was happened the same thing to me not on btc-e but on bittrex. I have recovered my iPhone and lost all the app (I didn't buckup anything). After I have contacted their support through email and they have asked me only the last activity of my account, finally in less than 48 hours my account was "unlocked" without the 2FA. So I raccomebd to all who are trading me, to save the code ( or qrcode, when you will be activate it).

A lot of exchanges don't allow such easy access, as a lot of wallet robberies are going on now. Hackers are logging in to email accounts which are linked to exchanges and are claiming that they have lost their 2FA.

[Vhawk23]

For me it's authy...
Because of their good GUI and their backup system...
And anyway google authenticator isn't working for me, so that's why i chose authy

[Alexis]

Google Authenticator, but only because it's the only I have used.
Are there any other ones that are actually better?

[Blazr]

Google Authenticator, but only because it's the only I have used.
Are there any other ones that are actually better?

Not really. There are only minor differences. None of them do anything to protect against session hijacking AFAIK. Ideally a 2FA app should show you the details of the withdrawal etc before you enter the 2FA code into the website, so you know you are authenticating the right transaction, as if your computer is infected you could be shown one address on screen yet actually be withdrawing to another.

Also Google Authenticator does not send any information back to Google, it is a standalone app that employs TOTP and HOTP and isn't reliant on Google at all. So it's reasonably safe to use unless Google has hidden a backdoor in it as it isn't open source anymore. If you are worried about that you can use freeOTP on android which is an open source app that is fully compatible with Google Authenticator as it also uses TOTP and HOTP.

[Astro]

Yubikey4lyfe!  and the NFC version is nice for using Lastpass on a smartphone.