Bitcoin Forum
November 07, 2024, 03:37:39 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Is one method of 2FA safer than another?  (Read 1936 times)
yasiel.puig (OP)
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile
October 11, 2014, 12:26:29 PM
Last edit: October 12, 2014, 03:33:58 PM by yasiel.puig
 #1

Is it better to receive a code via text?

Or is it safer to receive said code via the Google authenticator app?

Am I correct in believing that an email would be the least secure of the three?

Thanks.
bitbaby
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1000



View Profile WWW
October 11, 2014, 01:56:43 PM
 #2

Is it better to use to receive a code via text?

Or is it safer to receive said code via the Google authenticator app?

And I'm I correct in believing that an email would be the least secure of the three?

Thanks.

I use the text option where it is available and Google authenticator where the text doesn't work, I think the text option is the safest, but when it comes to hacking anything can be hacked but I still believe hacking someone's phone to steal a code would be really difficult. And yes, email would be the least secure option.

notlist3d
Legendary
*
Offline Offline

Activity: 1456
Merit: 1000



View Profile
October 11, 2014, 04:51:14 PM
 #3

The nice thing about text is even if phone is lost you are able get a new phone and receive it.
Skoupi
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250

Skoupi the Great


View Profile
October 11, 2014, 04:58:16 PM
 #4

The nice thing about text is even if phone is lost you are able get a new phone and receive it.

This is possible with authy to. It has a cloud based (encrypted ofc) back up option.
btcguys
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
October 11, 2014, 06:10:06 PM
 #5

I don't think authy is safe as it keeps your data online. Route for either Google Authenticator or sms. Even Google Authenticator is unsafe because it stores data on the phone so try to use spare phone that will never go online and keep the phone in a secure place.
Loophole
Hero Member
*****
Offline Offline

Activity: 619
Merit: 500



View Profile
October 12, 2014, 01:02:41 PM
 #6

I agree with you that email 2FA is the worst for 2 reasons.
1. If you have a malware on your pc, it is likely all your accounts including your email will get hacked.
2. You will need to be very careful separating real 2FA emails and phishing emails.

Other than email, the others are all good IMO. Smiley

virtualx
Hero Member
*****
Offline Offline

Activity: 672
Merit: 508


LOTEO


View Profile
October 12, 2014, 01:05:29 PM
 #7

Yes, not all 2FA methods offer the same security. The idea is to harden security, it's more difficult than only one identification method but by no means uncrackable.

...loteo...
DIGITAL ERA LOTTERY


r

▄▄███████████▄▄
▄███████████████████▄
▄███████████████████████▄
▄██████████████████████████▄
▄██  ███████▌ ▐██████████████▄
▐██▌ ▐█▀  ▀█    ▐█▀   ▀██▀  ▀██▌
▐██  █▌ █▌ ██  ██▌ ██▌ █▌ █▌ ██▌
▐█▌ ▐█ ▐█ ▐█▌ ▐██  ▄▄▄██ ▐█ ▐██▌
▐█  ██▄  ▄██    █▄    ██▄  ▄███▌
▀████████████████████████████▀
▀██████████████████████████▀
▀███████████████████████▀
▀███████████████████▀
▀▀███████████▀▀
r

RPLAY NOWR
BE A MOON VISITOR!
[/center]
bitkilo
Legendary
*
Offline Offline

Activity: 1638
Merit: 1010


https://www.bitcoin.com/


View Profile WWW
October 12, 2014, 01:09:34 PM
 #8

I use authy on my phone, it is quite safe and so far extremely safe! Check it out: https://www.authy.com/
I use Authy also but may have found a glitch. I have 2 phone both with btc wallets and both with authy as 2fa, if you enter the code from 1 phone into the other that your opening your wallet on most times it works, try it.

bf4btc
Hero Member
*****
Offline Offline

Activity: 568
Merit: 500


Smoke weed everyday!


View Profile
October 12, 2014, 01:29:56 PM
 #9

Is it better to use to receive a code via text?

Or is it safer to receive said code via the Google authenticator app?

And I'm I correct in believing that an email would be the least secure of the three?

Thanks.

I use the text option where it is available and Google authenticator where the text doesn't work, I think the text option is the safest, but when it comes to hacking anything can be hacked but I still believe hacking someone's phone to steal a code would be really difficult. And yes, email would be the least secure option.
This is correct. Text messages are probably the most secure way of 2FA as it will take very advanced technology to be able to intercept a SMS message to a phone and when you use this technology you would likely be committing very serious crimes, much more serious then simply stealing someone's account or bitcoin.

Authy is not open source and is essentially controlled by google. It will essentially be as secure as your google account.

You are correct to say that email is probably the least secure method of 2FA, however a company can potentially strengthen it by requiring email 2FA + some security question

████████████████████████
███████████████████████████
█████████████████████████████
██████████████████████████████
███████████████████████████████
████▄▄▄█████████████████████████
█████████████████████████████████
███████████████████████████████████
██████████████████████████████████
████████████▄▄▄▄▄▄▄████████████████
█████████████████████████████████
████████▀▀▀██████████████████████
████████████████████████████████
████████████████████████████
████▀▀▀▀████████

jeroenn13
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500



View Profile
October 12, 2014, 02:01:45 PM
 #10

I also recommend Authy to use, seems pretty safe and easy to use.

..bustadice..         ▄▄████████████▄▄
     ▄▄████████▀▀▀▀████████▄▄
   ▄███████████    ███████████▄
  █████    ████▄▄▄▄████    █████
 ██████    ████████▀▀██    ██████
██████████████████   █████████████
█████████████████▌  ▐█████████████
███    ██████████   ███████    ███
███    ████████▀   ▐███████    ███
██████████████      ██████████████
██████████████      ██████████████
 ██████████████▄▄▄▄██████████████
  ▀████████████████████████████▀
                     ▄▄███████▄▄
                  ▄███████████████▄
   ███████████  ▄████▀▀       ▀▀████▄
               ████▀      ██     ▀████
 ███████████  ████        ██       ████
             ████         ██        ████
███████████  ████     ▄▄▄▄██        ████
             ████     ▀▀▀▀▀▀        ████
 ███████████  ████                 ████
               ████▄             ▄████
   ███████████  ▀████▄▄       ▄▄████▀
                  ▀███████████████▀
                     ▀▀███████▀▀
           ▄██▄
           ████
            ██
            ▀▀
 ▄██████████████████████▄
██████▀▀██████████▀▀██████
█████    ████████    █████
█████▄  ▄████████▄  ▄█████
██████████████████████████
██████████████████████████
    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
       ████████████
......Play......
yasiel.puig (OP)
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile
October 12, 2014, 03:31:35 PM
 #11

Thanks for all your input guys.

Appreciate it.

I guess I'll stick with the SMS authorization.
Skoupi
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250

Skoupi the Great


View Profile
October 12, 2014, 04:53:17 PM
 #12

I use authy on my phone, it is quite safe and so far extremely safe! Check it out: https://www.authy.com/
I use Authy also but may have found a glitch. I have 2 phone both with btc wallets and both with authy as 2fa, if you enter the code from 1 phone into the other that your opening your wallet on most times it works, try it.

That is how is supposed to work since authy gives yout the option for multiple devices.
btchris
Hero Member
*****
Offline Offline

Activity: 672
Merit: 504

a.k.a. gurnec on GitHub


View Profile WWW
October 12, 2014, 04:55:24 PM
 #13

One thing not yet mentioned in this thread is the difference between per-transaction 2FA and logon-only 2FA.

Logon-only 2FA (such as supported by Blockchain.info) helps protect against password brute-forcing attacks. Unfortunately, it does practically nothing to help protect against malware.

Per-transaction 2FA (such as supported by GreenAddress.it and BitGo.com) means that each transaction that sends bitcoin out of your wallet must use a new 2FA code. This type of 2FA offers very effective protection against malware (although it's not necessarily perfect).

You should keep all this in mind when weighing your wallet options.
mmsen
Full Member
***
Offline Offline

Activity: 208
Merit: 100


View Profile
October 12, 2014, 11:13:10 PM
 #14

Just realised that authy has a desktop app...
Kakmakr
Legendary
*
Offline Offline

Activity: 3542
Merit: 1965

Leading Crypto Sports Betting & Casino Platform


View Profile
October 13, 2014, 06:31:38 AM
 #15

Best method to keep your BTC safe, in my opinion, is to keep it in cold storage.

Only leave enough online for buying coffee and lunch.

Keep seperate paper wallets, with small amounts, you can sweep, when you need more in your online wallets.

In my view distribution of coins in many wallets, decrease the risk of losing them all in one hack. ^Smile^

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
Gervais
Sr. Member
****
Offline Offline

Activity: 366
Merit: 250



View Profile
October 13, 2014, 11:30:16 AM
 #16

Is it better to receive a code via text?

Or is it safer to receive said code via the Google authenticator app?

Am I correct in believing that an email would be the least secure of the three?

Thanks.

I personally think a text is the most secure and an email is the least. Your email can easily be hacked into, whereas your phone number is pretty safe.
Pony789
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1000



View Profile
October 13, 2014, 11:30:38 AM
 #17

Best method to keep your BTC safe, in my opinion, is to keep it in cold storage.

True, but 2FA isn't limited to only bitcoin storage. It is applicable to online banking, email, dropbox and in the future your bitcointalk account. Smiley

boumalo
Legendary
*
Offline Offline

Activity: 1918
Merit: 1018


View Profile WWW
October 13, 2014, 11:33:50 AM
 #18

Complicated username that you don't use for other websites
Kind of complicated password that you don't use for other websites
Google F2A
Virus protected computer

sj2199
Hero Member
*****
Offline Offline

Activity: 797
Merit: 500


BBOD fast, non-custodial & transparent Exchange


View Profile
October 13, 2014, 04:11:48 PM
 #19

authy is best app for 2fa ..Recently a pc version has also been introduced..check the official website

BigBoy89
Legendary
*
Offline Offline

Activity: 1512
Merit: 1011



View Profile
October 14, 2014, 01:28:42 PM
 #20

anyone knows which one use for google 2FA?
android phone or google mail that used in android?
i changed my OS/ROM for my android phone, and didn't see my site lists which use google 2FA Sad
ccan i recover it using my gmail that i used before in my android phone?

.AMEPAY.
▄▄█████████▄▄
▄█████████████████▄
▄█████████████████████▄
▄█████████▀▀▄▀▀█████████▄

▄██████▄▄█▀ ▀█▄▄██████▄
███████  ▀▀█▄██▀▀▄███████
███████ █ ▄ █ ▄▀▀▄███████
████████ █ █ █ ▄▀▀▄████████
▀█████████▄█ █ ▄██████████▀
▀████████  ▀▀▀  ████████▀
▀█████████████████████▀
▀██
███████████████▀
▀▀█████████▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
│▌
       AMEPAY IEO       
▄██████▄ ▀██████▄
█████████  ▀█████
███████▀     ▀███
██████▀  ▄█▄  ▀██
██████▄  ▀█▀  ▄██
███████▄     ▄███
█████████  ▄█████
▀██████▀ ▄██████▀
   AMEPAY LISTING   
   ▐███▄
   ████▌
▐██████████▄
████████████
 ████▌  █████
▐████  ▄████
██████████▀
 ▀█████▀▀
▐│
▄▄█████████▄▄
▄█████████████████▄
▄█████████████████████▄
▄█████████▀▀▄▀▀█████████▄

▄██████▄▄█▀ ▀█▄▄██████▄
███████  ▀▀█▄██▀▀▄███████
███████ █ ▄ █ ▄▀▀▄███████
████████ █ █ █ ▄▀▀▄████████
▀█████████▄█ █ ▄██████████▀
▀████████  ▀▀▀  ████████▀
▀█████████████████████▀
▀██
███████████████▀
▀▀█████████▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!