Bitcoin Forum
November 04, 2024, 04:34:09 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Lost my 2FA Google Authenticator Code - CEX.io  (Read 379 times)
bitmover
Legendary
*
Offline Offline

Activity: 2478
Merit: 6286


bitcoindata.science


View Profile WWW
March 04, 2021, 01:07:03 PM
 #21

I absolutely wouldn't recommend Authy. It is closed source. Your 2FA codes are stored in their servers. They collect a lot of information about you, including device information, email address, phone number, IP address, location, log in history, and more. If you lose access to your account, they require full KYC with copies of your ID to recover your account. This is an unnecessary security and privacy risk, for something you can do safely yourself as described above.

o_e_l_e_o, AFAIK authy do not do that.

Authy doesn't request location access neither email address. The only thing authy gets is the phone number.

I never even heard about they requesting KYC documents.

I look at their help page (https://support.authy.com/hc/en-us#) and the word KYC or Documents is not even mentioned anywhere.... where did you see that they require  KYC?

If that's true, I would maybe shift over to another software. But I use authy for years and never had any similar problem..


Edit:
I found:
https://support.authy.com/hc/en-us/articles/360012304633-Authy-Phone-Change-and-Account-Recovery-Photo-ID-FAQs
Quote
Authy Phone Change and Account Recovery Photo ID FAQs
We know you look to Authy to keep your important online logins secure, so we take phone change and account recovery requests very seriously. In order to help confirm that you are the actual account owner, we may need to ask validation questions or request a copy of your photo ID during this process. Since a photo ID usually contains sensitive personal information, you may want to know why we need this, and how we handle it. To help explain our processes, we have created this list of frequently asked questions.

I have not shared my photo ID with you previously - What are you doing with it?
When we request a copy of your photo ID, we do not use it for a comparison to a previously saved copy. We won't go into specifics here to protect our security processes, but suffice to say that we use the ID data for helping to confirming your identity as the account owner.

Terrible for authy... this KYC makes no sense at all...

o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18726


View Profile
March 04, 2021, 02:00:37 PM
 #22

I was reading from here: https://www.twilio.com/legal/privacy/authy

Quote
If we cannot easily confirm that you are the rightful account holder of the Authy account associated with your old number, we will ask you for your phone account information and a copy of physical identification such as a drivers’ license, national ID, or passport, which we then use to confirm your claim to the account. From time to time, if there are other situations where we need to verify that you are the rightful account holder of your Authy account, our support team may require you to provide identity information like a drivers’ license, national ID or passport.
Emphasis mine. More worrying that just for account recovery, they may also lock you out of your 2FA account (and therefore all of your online accounts which use 2FA) and demand KYC "from time to time". How reassuring. Roll Eyes

Quote
When you use an Authy token to log into an account, whether the token was generated on the app or one sent to you via your phone number, we collect and keep information associated with your login activity including information like your IP address, what application or program you logged in to, that you logged in, and when.
They track your activity across all your accounts, linking that to your email address, phone number, and IP addresses...

Quote
Over the last year, we have shared Identifiers and Internet or other electronic network activity information with third parties, as we describe in this section.
...and they share it with third parties.

I don't understand the benefit of this service. It is the equivalent of a web wallet for 2FA: You are letting someone else handle all your codes, have the power to lock you out of your accounts, and invade your privacy, all for something you can do yourself easily, freely, securely, and privately.
up136191857 (OP)
Newbie
*
Offline Offline

Activity: 23
Merit: 3


View Profile
March 08, 2021, 09:15:44 AM
 #23

Hello guys,

I just wanted to update the thread about my issue. Still haven't heard back from CEX it has been more than 9 days since I contacted the support and no answer till now.

Definitely they do have poor support system. It makes no sense at all.

Waiting...
pugman
Legendary
*
Offline Offline

Activity: 2383
Merit: 1551


dogs are cute.


View Profile WWW
March 08, 2021, 11:46:22 AM
 #24

The best solution is to maintain a notebook to write you all the accounts credentials including Google Authentication codes and keep it always under you.
An even better option is to use a 2FA app such as Aegis, which allows you to export an encrypted database of all your shared secrets, which you could store on an offline medium such as a USB drive. Then, if you lose your phone and you need to recover your 2FA codes, it's as easy as downloading the app on your new phone and importing the back up.

I absolutely wouldn't recommend Authy. It is closed source. Your 2FA codes are stored in their servers. They collect a lot of information about you, including device information, email address, phone number, IP address, location, log in history, and more. If you lose access to your account, they require full KYC with copies of your ID to recover your account. This is an unnecessary security and privacy risk, for something you can do safely yourself as described above.
Damn I really used to think Authy is a goat of a 2FA app, especially after finding out how bad GA was after I lost one of the 2FA keys. Welp, I am wrong as it seems.

Btw, this aegis, I have never heard about it up until now. I looked it up right now and the reviews seem great thus far. I will check it out, thanks!

Dude you should make a thread of all useful/privacy friendly crypto-services cause I assure you dumbasses like me don't know a lot about it.

seleme
Legendary
*
Offline Offline

Activity: 2772
Merit: 1028


Duelbits.com


View Profile WWW
March 08, 2021, 09:57:43 PM
Last edit: March 08, 2021, 11:43:53 PM by seleme
 #25

Hello guys,

I just wanted to update the thread about my issue. Still haven't heard back from CEX it has been more than 9 days since I contacted the support and no answer till now.

Definitely they do have poor support system. It makes no sense at all.

Waiting...
They will definitely ask a full copy of personal documents before processing your request. Cex.io has been a well-known crypto exchange for Ukraine-based crypto companies but they have slow support after the increasing popularity of crypto investment. No worries, the support team will reset the 2FA even if you have no access to the lost phone number/email/authentication app.

The best solution is to maintain a notebook to write you all the accounts credentials including Google Authentication codes and keep it always under you.
An even better option is to use a 2FA app such as Aegis, which allows you to export an encrypted database of all your shared secrets, which you could store on an offline medium such as a USB drive. Then, if you lose your phone and you need to recover your 2FA codes, it's as easy as downloading the app on your new phone and importing the back up.

I absolutely wouldn't recommend Authy. It is closed source. Your 2FA codes are stored in their servers. They collect a lot of information about you, including device information, email address, phone number, IP address, location, log in history, and more. If you lose access to your account, they require full KYC with copies of your ID to recover your account. This is an unnecessary security and privacy risk, for something you can do safely yourself as described above.
Damn I really used to think Authy is a goat of a 2FA app, especially after finding out how bad GA was after I lost one of the 2FA keys. Welp, I am wrong as it seems.

Btw, this aegis, I have never heard about it up until now. I looked it up right now and the reviews seem great thus far. I will check it out, thanks!

Dude you should make a thread of all useful/privacy friendly crypto-services cause I assure you dumbasses like me don't know a lot about it.
I also didn't know about the recovery process but not going to change the default 2FA app to another one. Authy has done an amazing job after losing access to the old Google Authenticator app which contained more than 30 private 2fa keys to online accounts. I am ready to share documents if the Authy team asks this for security reasons and proving identity by asking few questions.

       ███████████████▄▄
    ██████████████████████▄
  ██████████████████████████▄
 ███████   ▀████████▀   ████▄
██████████    █▀  ▀    ██████▄
███████████▄▄▀  ██  ▀▄▄████████
███████████          █████████
███████████▀▀▄  ██  ▄▀▀████████
██████████▀   ▀▄  ▄▀   ▀██████▀
 ███████  ▄██▄████▄█▄  █████▀
  ██████████████████████████▀
    ██████████████████████▀
       ███████████████▀▀
.
.Duelbits.
.
..THE MOST REWARDING CASINO......
   ▄▄▄▄████▀███▄▄▄▄▄
▄███▄▀▄██▄   ▄██▄▀▄███▄
████▄█▄███▄█▄███▄█▄████
███████████████████████   ▄██▄
██     ██     ██     ██   ▀██▀
██ ▀▀█ ██ ▀▀█ ██ ▀▀█ ██    ██
██  █  ██  █  ██  █  ██
█▌  ██
██     ██     ██     ████  ██
█████████████████████████  ██
████████████████████████████▀
█████████████████████████
█████████████████████████
████████████████████████▌
       +4,000      
PROVABLY FAIR
GAMES
   $500,000  
MONTHLY
PRIZE POOL
      $10,000     
BLACKJACK
GIVEAWAY
up136191857 (OP)
Newbie
*
Offline Offline

Activity: 23
Merit: 3


View Profile
March 09, 2021, 09:45:15 AM
 #26

Hello guys,

I just wanted to update the thread about my issue. Still haven't heard back from CEX it has been more than 9 days since I contacted the support and no answer till now.

Definitely they do have poor support system. It makes no sense at all.

Waiting...
They will definitely ask a full copy of personal documents before processing your request. Cex.io has been a well-known crypto exchange for Ukraine-based crypto companies but they have slow support after the increasing popularity of crypto investment. No worries, the support team will reset the 2FA even if you have no access to the lost phone number/email/authentication app.

The best solution is to maintain a notebook to write you all the accounts credentials including Google Authentication codes and keep it always under you.
An even better option is to use a 2FA app such as Aegis, which allows you to export an encrypted database of all your shared secrets, which you could store on an offline medium such as a USB drive. Then, if you lose your phone and you need to recover your 2FA codes, it's as easy as downloading the app on your new phone and importing the back up.

I absolutely wouldn't recommend Authy. It is closed source. Your 2FA codes are stored in their servers. They collect a lot of information about you, including device information, email address, phone number, IP address, location, log in history, and more. If you lose access to your account, they require full KYC with copies of your ID to recover your account. This is an unnecessary security and privacy risk, for something you can do safely yourself as described above.
Damn I really used to think Authy is a goat of a 2FA app, especially after finding out how bad GA was after I lost one of the 2FA keys. Welp, I am wrong as it seems.

Btw, this aegis, I have never heard about it up until now. I looked it up right now and the reviews seem great thus far. I will check it out, thanks!

Dude you should make a thread of all useful/privacy friendly crypto-services cause I assure you dumbasses like me don't know a lot about it.
I also didn't know about the recovery process but not going to change the default 2FA app to another one. Authy has done an amazing job after losing access to the old Google Authenticator app which contained more than 30 private 2fa keys to online accounts. I am ready to share documents if the Authy team asks this for security reasons and proving identity by asking few questions.


I have already sent them my personal information (ID, Address). Still nothing.
notblox1
Legendary
*
Offline Offline

Activity: 2240
Merit: 1316


Logo Designer ⛨ BSFL Division1


View Profile WWW
March 09, 2021, 05:40:51 PM
 #27

CEX is not only the exchange with bad support and most of them are saving on stuff, but we should take more care about 2FA backups.
There is also free open source software for windows called WinAuth we can use for this in combination with mobile apps like Aegis.

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
examplens
Legendary
*
Offline Offline

Activity: 3458
Merit: 3480


Crypto Swap Exchange


View Profile WWW
March 09, 2021, 08:40:08 PM
 #28

OP, I try to push them through Twitter. I hope we will get some reaction when this is more public.
I am still surprised by their slow response in this case.

CEX is not only the exchange with bad support and most of them are saving on stuff, but we should take more care about 2FA backups.
There is also free open source software for windows called WinAuth we can use for this in combination with mobile apps like Aegis.

I chose SMS as extra authentication protection here, just because of a possible complicated situation like this. In the meantime, I broke my phone a few time, so there would be a lot of problems even if I think I’m not using CEX only with 2FA.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
up136191857 (OP)
Newbie
*
Offline Offline

Activity: 23
Merit: 3


View Profile
March 11, 2021, 10:05:22 PM
 #29

2 weeks gone by. Still nothing.
Chikito
Legendary
*
Offline Offline

Activity: 2562
Merit: 2076


View Profile WWW
March 12, 2021, 01:33:01 AM
 #30

2 weeks gone by. Still nothing.
Have you PMed @CEX, someone ever 20 days no response yet, but almost of them got reseted  [1], [2], [3], [4], just make sure you explain the detail and send user ID, ticket number to him.
up136191857 (OP)
Newbie
*
Offline Offline

Activity: 23
Merit: 3


View Profile
March 14, 2021, 11:28:00 PM
 #31

I did sent the user ID but still nothing.

In their support system they pretend that answer could take up to 10 days but in my case it’s been more than 3 weeks.

Still nothing
up136191857 (OP)
Newbie
*
Offline Offline

Activity: 23
Merit: 3


View Profile
March 15, 2021, 09:37:21 PM
 #32

UPDATE:

I tried to log in today and they disabled the 2FA and I was successfully logged in.

Thank you guys for participating in this topic, your replies were nothing but helpful.

I really appreciate everyone, let's hope this topic/thread serves as a solution for anyone.

Cheers  Cool
Hamphser
Sr. Member
****
Offline Offline

Activity: 2604
Merit: 339


Vave.com - Crypto Casino


View Profile
March 15, 2021, 10:20:57 PM
 #33

UPDATE:

I tried to log in today and they disabled the 2FA and I was successfully logged in.

Thank you guys for participating in this topic, your replies were nothing but helpful.

I really appreciate everyone, let's hope this topic/thread serves as a solution for anyone.

Cheers  Cool
Good thing to hear up some updates from you op, this is why its really always better to set out aside from google auth 2fa on having also some message otp verification in case on having these kind of possible
problems in the future.

Since this issue had been already resolve then better lock off this thread to prevent further replies.

posi
Hero Member
*****
Offline Offline

Activity: 2268
Merit: 579


Vave.com - Crypto Casino


View Profile
March 15, 2021, 11:17:12 PM
 #34

UPDATE:

I tried to log in today and they disabled the 2FA and I was successfully logged in.

Thank you guys for participating in this topic, your replies were nothing but helpful.

I really appreciate everyone, let's hope this topic/thread serves as a solution for anyone.

Cheers  Cool
Good thing to hear up some updates from you op, this is why its really always better to set out aside from google auth 2fa on having also some message otp verification in case on having these kind of possible
problems in the future.

Since this issue had been already resolve then better lock off this thread to prevent further replies.
Having some message OTP verification is not by any chance the solution in this kind of situation, the OP will still need the 2FA code before he can access his account and his ID document will still be needed if he wants to rectify the 2FA.
With that been said, is better for the OP to write down the backup code on paper and keep it safe or make use of Aegis which some outstanding features instead auth or google authen.
@up136191857, an exchange like Binance give fast response and solution to issue like this.

Pages: « 1 [2]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!