SebastianJu
Legendary
Offline
Activity: 2674
Merit: 1083
Legendary Escrow Service - Tip Jar in Profile
|
|
July 08, 2015, 09:52:50 AM |
|
Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:
Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.
Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.
Yup, I disabled and enabled my 2fa so I can back up my keys on paper. Took a while to write random gibberish down but it brings peace to my mind. You could print screen and print the code instead, then no need to write random gibberish unless the worse happen. And you always can write things wrong, so it is not secure too Yes. Or simply safe it in some textfile and make encrypted backups from it. Writing down can be safe too when you dont add the 2FA by using the QR-Code but instead writing the code down and manually enter it in the smartphone. Since you have to enable 2FA on the site with a correct 2FA-Code later, you know for sure that you noted down the creation code correctly.
|
Please ALWAYS contact me through bitcointalk pm before sending someone coins.
|
|
|
cryptodevil
Legendary
Offline
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
|
|
July 08, 2015, 10:00:07 AM |
|
I cannot recommend highly enough that you ditch Google's authenticator and use Authy ( www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app. The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.
|
WARNING!!! Check your forum URLs carefully and avoid links to phishing sites like 'thebitcointalk' 'bitcointalk.to' and 'BitcointaLLk'
|
|
|
favdesu
Legendary
Offline
Activity: 1764
Merit: 1000
|
|
July 08, 2015, 10:09:45 AM |
|
I cannot recommend highly enough that you ditch Google's authenticator and use Authy ( www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app. The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa. the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please
|
|
|
|
SebastianJu
Legendary
Offline
Activity: 2674
Merit: 1083
Legendary Escrow Service - Tip Jar in Profile
|
|
July 08, 2015, 10:19:32 AM |
|
I cannot recommend highly enough that you ditch Google's authenticator and use Authy ( www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app. The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa. I like your signature. Guess not many will realize its content. Is Authy creating the same codes like 2FA or does the site owner need to use it? Im not sure that it makes sense to install it on desktop. The whole purpose of 2FA is to protect your accounts against hacking and so on. When you have your password and your 2FA on the desktop then the risk is high. If you have 2FA on smartphone then the hacker would need to hack both.
|
Please ALWAYS contact me through bitcointalk pm before sending someone coins.
|
|
|
cryptodevil
Legendary
Offline
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
|
|
July 08, 2015, 10:24:56 AM |
|
I cannot recommend highly enough that you ditch Google's authenticator and use Authy ( www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app. The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa. the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please Well I've got authy on multiple devices including laptops and desktop and all of my 2fa codes for all services, including Google's login 2fa are there. You can protect the desktop version with a master password for opening, but I get your point. The ability to create backups of all your 2fa codes is there as well, which is a whole lot more useful than Google's offering. Yes, I know you can argue for limiting the spread of which devices your run on and where you keep your backups but, to be honest with you, I'm more concerned about losing my 2fa codes than I am about being targeted by a hacker who can crack my password manager and my authy.
|
WARNING!!! Check your forum URLs carefully and avoid links to phishing sites like 'thebitcointalk' 'bitcointalk.to' and 'BitcointaLLk'
|
|
|
cryptodevil
Legendary
Offline
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
|
|
July 08, 2015, 10:27:27 AM |
|
I like your signature. Guess not many will realize its content. Thanks, yeah I've got a thing about scam cloud mining sites and the negative repercussions on the wider cryptosphere. Is Authy creating the same codes like 2FA or does the site owner need to use it? Authy can handle any 2fa, including the 'standard'. So, if Google's Authenticator can work for a site, then Authy most definitely will. It's just a predefined cryptographic code sequence, it isn't unique to Google.
|
WARNING!!! Check your forum URLs carefully and avoid links to phishing sites like 'thebitcointalk' 'bitcointalk.to' and 'BitcointaLLk'
|
|
|
favdesu
Legendary
Offline
Activity: 1764
Merit: 1000
|
|
July 08, 2015, 10:44:35 AM |
|
I cannot recommend highly enough that you ditch Google's authenticator and use Authy ( www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app. The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa. the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please Well I've got authy on multiple devices including laptops and desktop and all of my 2fa codes for all services, including Google's login 2fa are there. You can protect the desktop version with a master password for opening, but I get your point. The ability to create backups of all your 2fa codes is there as well, which is a whole lot more useful than Google's offering. Yes, I know you can argue for limiting the spread of which devices your run on and where you keep your backups but, to be honest with you, I'm more concerned about losing my 2fa codes than I am about being targeted by a hacker who can crack my password manager and my authy. I got google 2fas on authy, however, they only work on my mobile. desktop is always off (checked clock sync) - but only the non-authy 2fas
|
|
|
|
cryptodevil
Legendary
Offline
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
|
|
July 08, 2015, 10:47:40 AM |
|
I got google 2fas on authy, however, they only work on my mobile. desktop is always off (checked clock sync) - but only the non-authy 2fas
Do you have the desktop fully set up with your phone and does your phone automatically allow apps to sync data? Because some people have that permission switched off to save on potential data charges.
|
WARNING!!! Check your forum URLs carefully and avoid links to phishing sites like 'thebitcointalk' 'bitcointalk.to' and 'BitcointaLLk'
|
|
|
favdesu
Legendary
Offline
Activity: 1764
Merit: 1000
|
|
July 08, 2015, 10:48:42 AM |
|
Do you have the desktop fully set up with your phone and does your phone automatically allow apps to sync data? Because some people have that permission switched off to save on potential data charges.
yep, got it fully synced and backup enabled. authy codes work on both mobile and desktop. that's what confuses me the most
|
|
|
|
Muhammed Zakir
|
|
July 08, 2015, 10:57:09 AM |
|
I cannot recommend highly enough that you ditch Google's authenticator and use Authy ( www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app. The problem of Authy is that it is "online" which is not secure. However, some sees that as an advantage. The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.
Website have to manually implement this option. For example, Twitter has backup codes. As long as you save and secure your pairing code, you are safe.
|
|
|
|
Possum577
|
|
July 08, 2015, 05:00:44 PM |
|
I cannot recommend highly enough that you ditch Google's authenticator and use Authy ( www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app. The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa. I want to join your signature campaign, hahaha. Sorry for the hijack post, couldn't help passing this up.
|
|
|
|
cryptodevil
Legendary
Offline
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
|
|
July 08, 2015, 05:09:15 PM |
|
LOL, yeah you can do it with any of these scammers' signature codes. Just copy their template and change the wording and links to suit.
I got the idea from someone else here I'd seen had done it so I can't take the credit for it.
|
WARNING!!! Check your forum URLs carefully and avoid links to phishing sites like 'thebitcointalk' 'bitcointalk.to' and 'BitcointaLLk'
|
|
|
|