So I dropped my phone in the water with all the 2fa keys on it...

[SebastianJu]

Not all services disable 2FA. You could be someone who hacked the account holders email. So i enable 2FA on my phone only that way:

Note down the code to create the 2FA (Usually around 30 or so signs) then manually enter the code in my phone. That way i know i noted the code down correctly. Then enable it on the website.

Everyone who did not note down the creation codes should disable and enable 2FA on all websites and note down the creation code. Otherwise you might not get access to an account anymore at one point. Some sites are strict there. For a reason.

Yup, I disabled and enabled my 2fa so I can back up my keys on paper.
Took a while to write random gibberish down but it brings peace to my mind.

You could print screen and print the code instead, then no need to write random gibberish unless the worse happen. And you always can write things wrong, so it is not secure too

Yes. Or simply safe it in some textfile and make encrypted backups from it.

Writing down can be safe too when you dont add the 2FA by using the QR-Code but instead writing the code down and manually enter it in the smartphone. Since you have to enable 2FA on the site with a correct 2FA-Code later, you know for sure that you noted down the creation code correctly.

[cryptodevil]

I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

[favdesu]

I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please

[SebastianJu]

I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

I like your signature. Guess not many will realize its content.

Is Authy creating the same codes like 2FA or does the site owner need to use it?

Im not sure that it makes sense to install it on desktop. The whole purpose of 2FA is to protect your accounts against hacking and so on. When you have your password and your 2FA on the desktop then the risk is high. If you have 2FA on smartphone then the hacker would need to hack both.

[cryptodevil]

I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please

Well I've got authy on multiple devices including laptops and desktop and all of my 2fa codes for all services, including Google's login 2fa are there.

You can protect the desktop version with a master password for opening, but I get your point.

The ability to create backups of all your 2fa codes is there as well, which is a whole lot more useful than Google's offering. Yes, I know you can argue for limiting the spread of which devices your run on and where you keep your backups but, to be honest with you, I'm more concerned about losing my 2fa codes than I am about being targeted by a hacker who can crack my password manager and my authy.

[cryptodevil]

I like your signature. Guess not many will realize its content.

Thanks, yeah I've got a thing about scam cloud mining sites and the negative repercussions on the wider cryptosphere.

Is Authy creating the same codes like 2FA or does the site owner need to use it?

Authy can handle any 2fa, including the 'standard'. So, if Google's Authenticator can work for a site, then Authy most definitely will.

It's just a predefined cryptographic code sequence, it isn't unique to Google.

[favdesu]

I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

the problem with authy is, that you're not able to sync google 2fa in the cloud. there are only local backups, correct me if I'm wrong please

Well I've got authy on multiple devices including laptops and desktop and all of my 2fa codes for all services, including Google's login 2fa are there.

You can protect the desktop version with a master password for opening, but I get your point.

The ability to create backups of all your 2fa codes is there as well, which is a whole lot more useful than Google's offering. Yes, I know you can argue for limiting the spread of which devices your run on and where you keep your backups but, to be honest with you, I'm more concerned about losing my 2fa codes than I am about being targeted by a hacker who can crack my password manager and my authy.

I got google 2fas on authy, however, they only work on my mobile. desktop is always off (checked clock sync) - but only the non-authy 2fas

[cryptodevil]

I got google 2fas on authy, however, they only work on my mobile. desktop is always off (checked clock sync) - but only the non-authy 2fas

Do you have the desktop fully set up with your phone and does your phone automatically allow apps to sync data? Because some people have that permission switched off to save on potential data charges.

[favdesu]

Do you have the desktop fully set up with your phone and does your phone automatically allow apps to sync data? Because some people have that permission switched off to save on potential data charges.

yep, got it fully synced and backup enabled. authy codes work on both mobile and desktop. that's what confuses me the most

[Muhammed Zakir]

I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The problem of Authy is that it is "online" which is not secure. However, some sees that as an advantage.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

Website have to manually implement this option. For example, Twitter has backup codes.

As long as you save and secure your pairing code, you are safe.

[Possum577]

I cannot recommend highly enough that you ditch Google's authenticator and use Authy (www.authy.com). It allows you to connect up your desktop and your mobile devices so that if you lose one of them to disaster you can still recover the situation easily. It is far more versatile an app.

The Google 2fa 'backup' codes are only for your Google account, not for any of the services you had registered on the Authenticator and the 'transfer to new device'? Same thing, just for your Google 2fa.

I want to join your signature campaign, hahaha. Sorry for the hijack post, couldn't help passing this up.

[cryptodevil]

LOL, yeah you can do it with any of these scammers' signature codes. Just copy their template and change the wording and links to suit.

I got the idea from someone else here I'd seen had done it so I can't take the credit for it.