2factor authentication

google auth vs authy vs others

What is the best and why?

It does not matter. I prefer Google, since the Authenticator is so well implemented in their services.

Um whichever one the service you have uses?

What happens if I lose my phone? Am I then forever locked out of my accounts???

I haven't used Authy but I think Authy is better because it can be implemented on multiple devices. Let's say you have Google Authenticator on your phone and you lose your phone - you are screwed.

You write down your 2FA backup code

you still have to reactivate every account on the authenticator though right? that's what i'm reading. i don't want to have to reactivate every site i'm on, it will take ages.

>lose phone
>activate authenticator on new phone
>go to every website and reactivate each one on the app

right? chore

can i keep it on my dropbox

whenever you enable 2FA on any site it gives you "restore codes" and usually a QR code, you should copy/print those codes and keep them somewhere safe so that if you lose your phone you can still access the account. If you already have 2FA enabled on some sites but didn't copy down the codes, you can go and disable/re-enable the 2FA and get issued new codes that way.

Write down the code, or save the qr-code.

do you actually plan for this to be a regular thing? I haven't lost a phone in like 9 years and if it did happen, yea it would take maybe an hour to fix everything, but then I'd hopefully not lose the next phone for years.

When you initially set up your 2fa on each site you're given the secret/backup key. If you didn't write them down, I sincerely urge you to redo them so that you have them. If you lose your phone it's gonna be a major fuckfest to submit verification to all the sites you use in order to have your 2fa disabled and access restored. Spend the 15-30 minutes to avoid a nightmare down the line.

No, but I have just bought a new phone and will need to set up 2step on it. I have the codes for some of the sites I use, but not the backup code for the main app as I had no idea I needed it then. Seems like a huge ballache and google was shit at handing out info about this upon starting the process.

Right now I'm thinking when I get the new phone, I'll just disable 2fa on all the accounts at the same time, install authy on the new phone and reenable the 2fa, then upload that shit to authy so I never have to do this bullshit again..

Thanks for all the advice.

Do you think keeping my secret keys on dropbox? I feel like I'm more likely to lose my notes or have them stolen than have my dropbox compromised. I have already lost a bitcoin wallet in the past and the note, losing 1,5 bitcoins in the process.

>but not the backup code for the main app
Wait I need a backup code for the google app too? I don't remember even getting one

Are you niggers poor? Buy a yubikey neo and use the yubikey authenticator. It works just like Google authenticator except the yubikey is the one actually generating the codes, so if your phone gets lost/stolen/dies then you don't lose all the keys you set up. Plus if your phone is compromised an attacker can't just start generating codes.

Works with U2F too, which is the future of two factor.

Set up a keepassX with a strong password (do not use this password anywhere, anywhere else- recommend 5-7 random words with spaces- check out diceware)
Inside store all your codes and any other vital passwords you have. Can also generate passwords inside the app & copy and paste from inside.
Upload the keepass file to dropbox. Can be used on Windows/OS X/Linux/android/iOS
end thread

The way I'd do it if I had enough cryptos to justify it is keeping everything (wallets, secret keys etc) on a laptop that I never connect to the internet AND on an encrypted usb drive then keep them hidden in different locations. I'd think that the chance of you losing both of them at the same time is much lower than having your dropbox compromised. Huge companies and databases have been hacked in the past, it's unlikely but possible.

Also storing sensitive information on someone else's hardware just doesn't sit well with me.

Thing is if my dropbox gets hacked I'll most likely know about it, and this being 2fa, they still need my password for that specific site/exchange.

Fair enough. If it did get hacked it's unlikely that someone will even look for passwords and secret keys and stuff through everyone's folders then try to match them to accounts.

I just don't like the idea of giving someone else access to my information. Even though it's highly unlikely they'll ever look through it, let alone use it.

Thanks for all the advice, it's good advice. I would agree with you on keeping it myself if I wasn't so forgetful, I couldn't face losing another bunch of btc to my forgetfulness

Authy by far.

I love that Gemini and coinbase use it, but those are the only ones pretty much, and it gives me literal rectal cancer that binance & bittrex use google authenticator.

Authy resets each timer to the maximum when you open it, as well as gives you a notification when you actually log into the site, saving you the trouble of finding the app in your app drawer, and then frantically trying to input the last code displayed that only has like 2 seconds left on it before it disappears and you have to put the new one in.

All in all it’s not a big deal but I honestly don’t see why exchanges don’t use Authy, it’s just more objectively better

from what i read you can use authy on any site that asks for google authenticator