2-Factor Authentication

[ViceOfBTC21]

There is no harm with 2-factor authentication. It is just used for our security purpose. In fact, those accounts integrate with 2FA they are trustworthy and more secure. If you are doing some transaction on the trading or exchange platform then 2FA is essential for our security purpose.

I disagree. There is a privacy harm. They know your mobile number. I know you can buy cheap old Nokia only for 2FA purposes, but in most countries (including mine) you must register your phone number. Of course you can buy registered prepaid SIM on blackmarket, but I don't condone this unless paying fine is better than losing your trading capital. Just use complicated password for exchange and wallet and you will be fine.

[markkeian]

i have been using Google authenticator since then and im not having any issue with it,but if u worry u can always enaable email verification ror additional security.
And make sure u disable your 2fa authentication once you think of selling ur mobiles.It happens to me i forgot to disable 2fa and sell my mobile.Glad i was able to fix it by sending ticket to support.

[LeGaulois]

i have been using Google authenticator since then and im not having any issue with it,but if u worry u can always enaable email verification ror additional security.
And make sure u disable your 2fa authentication once you think of selling ur mobiles.It happens to me i forgot to disable 2fa and sell my mobile.Glad i was able to fix it by sending ticket to support.

The main topic we've been talking is about the privacy, enable email verification isn't going to help it

There is no harm with 2-factor authentication. It is just used for our security purpose. In fact, those accounts integrate with 2FA they are trustworthy and more secure. If you are doing some transaction on the trading or exchange platform then 2FA is essential for our security purpose.

In my opinion, giving our privacy shouldn't be the price of our security but taking it back is.

In the digital age individuals may exercise the right to privacy by giving some part of information voluntarily but cannot be forced to do The right to privacy is a part of right to liberty

[Ralph1075]

Since Google authentication operates offline ,providing best securities for most websites like Binance and others, you will be provided with a private key when registering for any Google authenticated website which is meant to be guarded with care.

[ManaMan]

If you do care about privacy first things first you wouldn't be using apps provided by google itself. Although I think google authentication is okay, I guess you don;t still know what it can do in the background. You probably have some old mobile phone so I'll advise you to use that offline without connecting to the internet so you use that particular phone only for 2FA.

This eliminates the risks of somebody even compromising your phone and getting access to your 2FA codes and other stuff as most people like to keep their mails + 2FA on same phone and other information which can be a nightmare if somebody compromised your phone. We all know that mobile phones are somewhat first target for hackers as all of us have them and keep sensitive information in them, that's why I'll advise you to have separate mobile phone for 2FA only, if you don't have any old smartphone you can order some china phones for like 50bucks or even less they are able to run 2FA offline, all you need.

[99th]

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

John Macafee got hacked from using 2FA. It gave the hackers the ability to recover his phone number. Read about it by googling it. I never liked the idea of it anyways because of a few reasons. I have turned it off since Macafee's hack back in December.

[ManaMan]

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

John Macafee got hacked from using 2FA. It gave the hackers the ability to recover his phone number. Read about it by googling it. I never liked the idea of it anyways because of a few reasons. I have turned it off since Macafee's hack back in December.

Read my previous posts... that's why I outline that you have to have another phone which will be offline all the time. Security issue here is if an attacker gain control over your phone and you keep everything together on your smartphone. If you are lodged in to many accounts + have 2FA, when an attacker gets to your phone it is game over as everything is on one device.

John, himself, was attacked due to him saying coins of the week and therefore pumping them across multiple exchanges which as a result made him good target.

[xwshamim]

No,  how far  i know nobody else can use it or any apps can use its if any body knows your password but don't know the authentication code he cant do anything to your account  .and if you have your phone you have access if not then you have the backup key to back up your account .its very safe that is what i know about 2fa . and i m also a 2fa user .not had any problems like this yet

[alkhie01]

I think there is no problem using 2fa authenticator because its connected in your phone and its working even your not online.For me google authenticator really helps a lot to secure your accounts.

[charlotte04]

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

I am really scared about this. What if I lost my phone? How would I recover my authentication codes? Is there any possibilities I could recover them?

[online73]

If you do care about privacy first things first you wouldn't be using apps provided by google itself. Although I think google authentication is okay, I guess you don;t still know what it can do in the background. You probably have some old mobile phone so I'll advise you to use that offline without connecting to the internet so you use that particular phone only for 2FA.

This eliminates the risks of somebody even compromising your phone and getting access to your 2FA codes and other stuff as most people like to keep their mails + 2FA on same phone and other information which can be a nightmare if somebody compromised your phone. We all know that mobile phones are somewhat first target for hackers as all of us have them and keep sensitive information in them, that's why I'll advise you to have separate mobile phone for 2FA only, if you don't have any old smartphone you can order some china phones for like 50bucks or even less they are able to run 2FA offline, all you need.

Totally agree with you, At the moment, every day a huge probability of your hacking. I have allocated a separate phone for 2FA. I do not know all the technical subtleties, but I consider this to be the most correct action. Every day, burglars are advancing in various tricks on the theft of various information and money, but a separate phone, without various online games and the like - this should be the elementary rule of security.

[tora]

I do not have a mobile and google authenticator does not work on my laptop. I use gauth for 2fa.

[1C6fV5DtakfKANLJ8GUV7hCaA]

Not at all. The keys are the only ones that has been preloaded into the app and Google's servers. No personal account info is stored.

[puwaha]

The main reason why I wouldn't use Google authenticator or Authy is because it's not open source. There's open source alternatives which have been mentioned above which are simply better. Before you say Google authenticator is open source, the app which you download on the store is not.

There's a very good reason why authenticator apps are not open source.  You don't want someone to figure out or reverse engineer the algorithms they use to generate the codes.

RSA has been doing 2FA for a very long time.  They are considered bulletproof in the enterprise market... they don't publish their code either... for the same reason.


You are more likely to get your account hacked on an exchange where they can turn off 2FA or convince support to reset it for the hacker's 2FA authenticator app.

[stantpro]

Google authentication is an independent security feature for
your personal protection.If you invoked google authentication
from your device, it shall never be linked to any third party site
or software except if you are hacked from your own device.
More so, if the third-party software or site integrated google authentication
as a security feature to access the resources, then it is the third party's
bid which automatically has a link with google authentication process
prior to your subscription.

[thr3]

Google Authenticator is device specific - I believe if you lose your device, it will be a pain to convince sites that you own the account, plus there are no backups

Authy - an account based authentication and supports backups (has google authenticator built in if I am not mistaken) but if this company gets hacked (or Lastpass), hackers will have a field day

[SmokerFace]

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

I am really scared about this. What if I lost my phone? How would I recover my authentication codes? Is there any possibilities I could recover them?

Every Exchange websites has a feature that when you turn on the 2FA authenticator on your account they will give you a Secret Key and Qr Code of your google authenticator even you'd lost your phone you can easily turn off or change your 2FA Secret Key by using another android device that's why before you use 2FA save the Qr code and Secret key of your account into another device so once it will lost you're not be afraid to get hacked

[Rhinoboy11]

I think no since Google Authenticator works offline and even if you only add the authentication key only with vague description/name. Unless they upload your keys and description along with google account you use on your smartphone.

i wish we didn't have to use them anyways.

[Rhinoboy11]

i really feel like 2 F A is a waste of time

[gnerro2]

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

from google support

"Google sends a random code to third-party sites to enable you to sign in to these sites with your Google Account. This code doesn't reveal any personal information. Also, the security of your Google Account will not be compromised by signing in to other sites with your account."