STOP Using Google Authenticator❗(here's why + secure 2FA alternatives)

  • Published on 30 Sep 2024

Comments • 1K

  • @thierry.lavallee 3 years ago +309

    1password auto entering the 2FA code completely defeats 2FA. That's 1FA... The hen eats the egg.

    • @Vizaru 3 years ago +52

      yeah that suggestion is honestly a step back from google authenticator.

    • @TheMack 3 years ago +38

      Agreed. Trading security for convenience is never a good deal.

    • @Ahmed-Soudi 3 years ago +3

      But some people may be willing to take the risk, as 2FA config is sometimes forced to be done in some accounts on some sites.

    • @Stjarnadian 3 years ago +17

      Only if your password database with the 2FA codes got compromised. If it's some other kind of attack, which 2FA could have prevented, it's not a big deal.

    • @garyoak4175 3 years ago +9

      1password is garbage, this video is garbage. Surprising tbh.
      Auto-filler pass-mgr
      good one.

  • @sahilbhatt4467 3 years ago +30

    Aegis authenticator is the way to go. I prefer to use open source apps when compared to closed source as it is quite reliable.

    • @hairystyles4212 2 years ago

      yes!

    • @kierand9410 2 years ago

      What is the advantage of open vs. closed source?

  • @qualityposts2011 3 years ago +8

    As of Feb 2021 Google Authenticator now allows for export of 2FA's for backup, and when installing the App for the first time set a pincode to access it. This makes the product now the best there is if one does not like using cloud storage.

  • @pandabrain 2 years ago +4

    If an attacker can access your phone, he somehow got around whatever you use to unlock your phone. So if an app would use that same method, the attacker can most likely get around that just the same. So using a different method (for example I use a pattern for my phone to unlock, but a 4 digit number for authy) would make it a lot more secure.
    Complaining about Google authenticator not being secure enough, but also wanting a backup method is a bit of a contradiction. Having your keys stored at an additional place, online, that has to be accessible without 2FA keys (at least by this method) does make it less secure. I do agree that this is a "Should have" feature, however, definitely not from a security standpoint.
    And the iCloud Backup (luckily that is only the case for iPhones) is quite misrepresented as well. 04:17 "So it's not going to Microsoft, it's not going to Authy, it's your iCloud Account." Which means it goes to Apple. Or the other way around, it goes to YOUR Microsoft account or YOUR Authy account. I fail to see what the advantage is of it being stored in the iCloud.
    Of course, everyone gets to have their own opinion, but this is clearly fanboy bullshit presented as a security feature.

  • @enterprisefreenas-waters2355 3 years ago +162

    I print out my QR codes and place them in a secure location. This allows me to restore my setup when I wipe my device twice a year. Also, I like the idea of not having a backup as I find it more secure :-)

    • @AllThingsSecured 3 years ago +24

      Yea, I understand that. Also, why do you print out the QR codes instead of the text backup codes that they give you?

    • @johnsmithe4656 3 years ago +68

      Be careful how you print. If you're on wifi there could be a man-in-the-middle attack on your LAN. Anyone running Wireshark could see your documents in plain text as they are sent to the printer. Also, some fancier printers (usually laser printers) have hard drives in them that store what is printed. Best option is to use a real cheap inkjet printer via USB cable, the old-fashioned way. If you're printing sensitive info, I would go this route. You can pick up a printer like that for $30, but ink refills are ridiculous.

    • @andrewmurray1550 3 years ago +24

      "Not having a backup is more secure" - since when?

    • @xybersurfer 3 years ago +15

      @andrewmurray1550 it is in terms of others getting access

    • @CryptoRoyaleGameplays 3 years ago +23

      @andrewmurray1550 Having back up on other device is multiplying the chance of your 2FA being hacked.

  • @syIer. 2 years ago +7

    update on the authenticator app: it now supports a lock screen so you have to enter your phone passcode, fingerprint or faceID

  • @sheethal_thomas 3 years ago +34

    Using Bitwarden with Microsoft Authenticator for years 😊

    • @cocatfan 3 years ago +1

      I don't understand the use of any authenticator. How is it different from using Bitwarden which I use?

    • @sheethal_thomas 3 years ago +10

      @cocatfan Bitwarden is a password manager mainly and not an authenticator. Yes, it does have TOTP authentication as a premium feature. But the purpose of using an authenticator is to use a different device or app for additional verification. A person who can get into your password manager can also see your 2FA code if they are together and totally negates the purpose of 2FA.

    • @twb0109 3 years ago

      Bitwarden + Microsoft? Like Privacy + Surveillance

    • @jorgemotta8290 3 years ago

      @twb0109 if it works well I'm ok with it. I also use both.

    • @twb0109 3 years ago

      @jorgemotta8290 yeah, people don't care about privacy

  • @hyllaz 2 years ago +11

    I think Aegis is a more interesting option: it allows you to back up to an encrypted file in a cloud of your choice, and also gives you the option to do it manually by exporting that file and saving it wherever you want. And you can switch from Google Authenticator by exporting accounts, and it will read the QR code without a problem.

  • @uriasbt 3 years ago +58

    I'll never be convinced that being able to back up codes is more secure than not being able to. Your first point makes sense, however it's an app feature that could be easily implemented, and until Google does I'll just use third-party security apps to lock access to the app. Also, as of now Google Authenticator has an option to transfer your codes to other devices.

  • @ricp 3 years ago +3

    Authy requires a phone number to set up... that in itself makes it less secure than Google Authenticator. You can find hacking stories on this on Reddit subs. Also, having various 'backup' options in multiple devices might be good for convenience but bad for security. If you use Google Authenticator properly, i.e. downloading the backup codes as you should for your own security, then there's no need to downgrade to Authy.

    • @likfrikbik 3 years ago +3

      True. People just don't understand how Google Authenticator works.
      Using your phone number to set up anything is not secure at all, because of a "sim swap" attack.

  • @linuxninja 2 years ago +3

    It's VERY annoying to see someone like you purport to be a security conscious 'professional' and give out such bad advice.

  • @jakepokervegas 2 years ago +1

    Uhmm... I have Google Authenticator on a secure folder on my phone, so... to enter that secure folder I have to use passcode or fingerprint reader, and a good habit is to have a password manager, so... Every time I add a new account to Google Authenticator I add the code to my password manager that makes automatic backups, is synced with the cloud and is encrypted.
    I'm not saying that Authy or the others are not good... just the reasons you give to change it are not that important for me.
    Thanks anyway for the video. :P

    • @huntermcclovio4517 2 years ago +2

      DO NOT LISTEN TO THIS GUY!! First of all you can password secure your phone with a password or a pin to block anyone from accessing your Google Authenticator. Second, yes you can make a backup with the key given to you when setting up the authentication procedure. Third, install the Google Authenticator on an airgapped used (old) cell phone for better security, DO NOT INSTALL ON MULTIPLE DEVICES!! You expose yourself and your keys!! And last and very important, do not back up to your cloud; if anyone gets to your SIM card or calls the telephone company to get your SIM card replaced, they will have access to your cloud and all your apps including your authenticators. VERY IRRESPONSIBLE VIDEO!!

  • @brandonkruse6412 3 years ago +3

    I have a tattoo of my QR code sketched on my inner-thigh. You know, maximum security so nobody can see my weird search history.

  • @AllThingsSecured 3 years ago +58

    UPDATE: Google Authenticator has since added biometric lock to the app, so my primary gripe about the security of the app has been resolved. I still prefer Authy, however, and for even better security, consider using a 2FA key like this: th-cam.com/video/xRmDIL9l3b0/w-d-xo.html

    • @Carlostype 3 years ago +2

      I was using Google Authenticator but you highlighted a few issues that warranted the switch!

    • @nematkarimi1054 3 years ago

      Both of them, first I get password from google authentication then I use I 2FA.

    • @TechSmart_0101 3 years ago +2

      Yep I was using G Auth, now switched to Authy better actually!

    • @MrSmilev 3 years ago +14

      I am using google authenticator, Microsoft authenticator, lastpass authenticator for different purposes (e.g. work, personal, etc). Just read Authy's privacy policy - they share a lot with third parties "as required to provide their services". That's a NO-GO for me. MS and Lastpass are pass protected which is great. Google authenticator has been compromised already as far as I know.

    • @Iuffycs 3 years ago +2

      I used to use the Google Authenticator, then the Microsoft Authenticator and now Authy Authenticator

  • @TeeJ424 2 years ago +3

    Google Authenticator now has lock feature under Face ID

    • @AllThingsSecured 2 years ago +1

      Yes, you are correct. Perhaps Google watched this video? 😉

    • @TeeJ424 2 years ago

      @AllThingsSecured They're always watching ;)

  • @zedgama3 3 years ago +63

    Google authenticator is designed to be the equivalent of a hardware token on your phone. In other words, it's something you have and cannot be easily duplicated. While I agree that having the option of protecting my MFA is an extra layer of security, I believe that the biggest benefit is that someone only has access while they have my phone - i.e. they can't make a clone of it.
    Best practice, in my opinion, is to use a password safe that contains my backup codes. Since most MFA systems only allow for one OTP seed, this forces me to retire the lost seed and then generate a new one.

    • @AllThingsSecured 3 years ago +3

      Thanks for the input here, JT.

    • @garyoak4175 3 years ago +10

      GA is perfect. ATS Clickbaiting

    • @PutsOnSneakers 2 years ago +5

      Until ya drop ya phone, all gone.

    • @portman8909 2 years ago +12

      @PutsOnSneakers Have a second phone stored away at home.

  • @ryaniglesias6381 3 years ago +7

    Great video.... I just dumped Google Auth altogether. Question for you, Authy looks good as I do like the multi-device option so I don't have to access my phone to get a 2FA code but I don't like giving them my mobile number. Microsoft auth backup in iCloud is great but would you happen to know the answer to this question - if I lost my iPhone and I decide to buy another iPhone three days later and I need a 2FA code before I get my new iPhone I am out of luck unless I have backup codes right?

  • @anation2351 3 years ago +44

    I just learnt something I didn't even know I needed. Thank you for the wake up call!

  • @01Phenom 3 years ago +25

    I switched phones and I didn't back up my codes, now I need my old phone with G-authenticator. Good video

    • @AllThingsSecured 3 years ago +9

      Yea, you're not the only one that has happened to. So sorry for the trouble!

    • @soccerguy2433 3 years ago +1

      You can easily transfer from one device to the next. I literally just did that last month when I moved from OP 5t to a new Samsung S21

    • @TechSmart_0101 3 years ago +2

      You can export accounts to the other device like I did but actually switched to Authy!

    • @NathanElcoate 3 years ago +1

      You can transfer from within the app..

    • @TheKoeman32 3 years ago

      Omg

  • @harshkazama4289 3 years ago +1

    So my phone died out of nowhere and it couldn't be repaired so.. I lost everything, including Google Authentication, and I had tons of accounts with Google authentication, and guess what, I couldn't recover anything at all. So never use Google authentication. Biggest fault is that it doesn't have an account sign-in method.
    Why didn't I get the video recommended earlier, man

  • @finnk1289 3 years ago +6

    Authy, Microsoft, One password...
    You're missing the importance of Open Source software. Who would trust a proprietary app with their personal data??
    Your channel could be so much better if you got your feet wet in the world of REAL privacy and security. Take some inspiration from Techlore

    • @Ta3iapxHs 3 years ago

      So what is a good open source authenticator?

    • @aussierule 3 years ago

      @Ta3iapxHs Probably a metal card with your QR codes etched in or some shit lmao

    • @paulthecaffeinated7549 2 years ago

      FDroid... seems I can't type :(

  • @amosboi6103 3 years ago +9

    Man, I know you probably won't see this; but I really appreciate the small things that most other content creators pass up, like timestamps.

    • @DJStompZone 3 years ago

      Yeah that, or uh.. You know... He *could* focus on stuff like... NOT making videos around statements that are completely false? But hey at least he got the timestamps on there. (slow clap) very nicely done on those timestamps

    • @amosboi6103 3 years ago +1

      @DJStompZone Said false statements being...? (Not being an ass, genuinely wondering)

  • @centerpide 3 years ago +19

    I totally get you. I always thought Google authenticator would have some backup feature to save all the account codes. To my horror when my phone got downgraded from Android 12 beta to 11, all my data was stored and could be restored except for Google authenticator. Had a painful time trying to recover each account one by one.
    Will be switching over to authy!!

  • @johnbar6975 3 years ago +1

    Sync or not, if I am paranoid enough about deleting GoogleAuth, I should have the skepticism to not put 2FA on malware-rich environments like a desktop.
    Even Zuckerberg covers his MacBook's webcam with tape, why would I throw 2FA on a desktop...

    • @AllThingsSecured 3 years ago

      Fair point, and I recognize that there are different levels of comfort when it comes to security. I don't think deleting Google Authenticator is about paranoia, though. It's that most people don't understand that if they lose this particular key to their online accounts, there is no "forgot password" reset button.

  • @einyv 2 years ago +3

    Google added the transfer option which gives you a single QC to important to another but I just took a picture with another device them provider it out and put it in the safe as a backup.

  • @LaviArzi 3 years ago +37

    I don't agree. 2FA is meant to be "something you have".
    Along with that you have the regular which is "something you know". If you have access to your phone, it should be all you need to qualify as the something you have.

    • @Dabs_Rulez 2 years ago +2

      No, authy requires a phone number to set up and then you either get a verification code by text or call to your number to access your app. Then after that you have to enter your backup password to access the accounts. And just so you know backup passwords are never stored by authy meaning if you forget it you can’t recover it. Same for the pin. So authy is still as secure as google authenticator. And plus authy has a better UI than google authenticator

  • @marktubeie07 3 years ago +3

    Ok, then why do you still have your video on using Google authenticator on your channel from 7 months ago? Maybe delete it, it's confusing to have both. Cheers.

  • @speedracer123222 3 years ago +4

    I factory reset thinking I can't get them so I turn off 2FA temporarily. Well, Discord didn't turn it off and I almost lost my account. Luckily I had SMS backup on, but man, not portable is very not fun. I still use Google Auth but I'm unsure if I trust the other apps.

  • @vladimirolujic6637 3 years ago +125

    Hey, man! You're good! Very good! Clear explanation, calm voice, real emotions, no faking, no overdoing it, no squeaking noises coming out of your mouth to make it "fun" and "cool", by some standards. No loud or annoying music... I was looking for Shakepay 2 step authentication explanation and stumbled upon your authenticator video. Don't know when you started your channel, but I wish you get hundreds of thousands subscribers soon! All the best!

    • @AllThingsSecured 3 years ago +10

      Thanks so much, Vladimir!

    • @ColtraneTaylor 2 years ago +4

      I'm not even watching the video but I applaud the uploader for this effort and agree with your sentiment. Hate those trendies.

  • @DanieLVorlet 3 years ago +1

    You should take down your previous video about installing authenticator if you really feel that way. Feels super scammy to have both!

    • @AllThingsSecured 3 years ago

      Hey Daniel, I appreciate the feedback. I'm on the fence about this because, honestly, using Google Authenticator is better than nothing, so if people need help setting it up, I want to help them, you know? Also, I'm on a lifelong journey of learning, so my newer content is always going to reflect better ideas. Does that mean I should delete older videos? I don't think that it does.

  • @padraigr9305 3 years ago +6

    Unless the desktop apps have an unlock PIN does it not defeat your stated purpose in switching from Google Authenticator?

    • @AllThingsSecured 3 years ago +2

      They do. Sorry I didn't show that. You can create a "master password" for the Authy desktop app.

    • @garyoak4175 3 years ago

      Besides the point.

  • @Afura33 2 years ago +3

    Wait a backup cloud option would bring itself some security issues. Even if they are (like they say) encrypted, someone who knows what he does and get access to these cloud saves can still decrypt them and get access now to all of your 2fa codes. It's better to write down the backup or recovery codes instead of using backup cloud saving, but the issue is that some sites like paypal or amazon do not provide any backup or recovery code for 2fa which is a shame.

  • @kpopempire1475 2 years ago +4

    See, I don't want my 2FA codes syncing to the cloud where hackers can get to it.

  • @darkmugetsu6572 3 years ago +4

    Might pick Authy, I can install this on my main and old phone and only use the old phone when I need backup access if the current phone is lost/breaks.

  • @pptx24 3 years ago +8

    I use Microsoft authentication and I love it. I can recover my codes.

    • @AllThingsSecured 3 years ago +2

      Good deal!

    • @rileynichol1016 3 years ago +1

      where do you put in a code? I'm so lost

    • @pptx24 3 years ago +1

      @rileynichol1016 Microsoft authentication gives you another code (number) that works like a second password, that code changes every 30 secs so it’s so complicated to hack. You just need to download the app and scan the QR to link the website to secure with Microsoft authentication.

    • @rileynichol1016 3 years ago

      @pptx24 ty

    • @gto903 3 years ago

      @pptx24 what if I only have 1 device?
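
Added example (not part of any comment above, and not code from Google Authenticator, Authy or any other app named in this thread): what a setup QR code carries and how the 30-second code is derived from it under RFC 6238, which is why a printed QR code or an exported seed acts as a full copy of the authenticator. The `otpauth://` URI, issuer and account label are constructed sample values, the seed is the RFC's published test key, and the function names are illustrative.

```python
"""TOTP (RFC 6238) from the seed a setup QR code carries. Added example."""
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, unquote, urlparse

# Constructed sample: the text a setup QR code encodes. The seed is the
# RFC 6238 test key ("12345678901234567890" in Base32), not a real account.
SAMPLE_URI = (
    "otpauth://totp/Example:alice@example.com"
    "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example"
)
ALLOWED_ALGORITHMS = {"SHA1", "SHA256", "SHA512"}


def parse_otpauth(uri):
    """Extract the shared seed and parameters from an otpauth://totp/ URI."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc.lower() != "totp":
        raise ValueError("not an otpauth TOTP URI")
    q = parse_qs(u.query)
    if "secret" not in q:
        raise ValueError("URI carries no secret")
    b32 = q["secret"][0].replace(" ", "").upper()
    b32 += "=" * (-len(b32) % 8)  # seeds are usually written without padding
    algorithm = q.get("algorithm", ["SHA1"])[0].upper()
    if algorithm not in ALLOWED_ALGORITHMS:
        raise ValueError("unsupported algorithm: " + algorithm)
    return {
        "label": unquote(u.path.lstrip("/")),
        "secret": base64.b32decode(b32),
        "digits": int(q.get("digits", ["6"])[0]),
        "period": int(q.get("period", ["30"])[0]),
        "algorithm": algorithm,
    }


def totp(secret, unix_time, digits=6, period=30, algorithm="SHA1"):
    """Code for the time step containing unix_time (HOTP over time // period)."""
    counter = int(unix_time) // period
    digest = getattr(hashlib, algorithm.lower())
    mac = hmac.new(secret, struct.pack(">Q", counter), digest).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret, submitted, unix_time, drift_steps=1, period=30, **params):
    """Server-side check: accept the current step and +/- drift_steps."""
    ok = False
    for step in range(-drift_steps, drift_steps + 1):
        t = int(unix_time) + step * period
        if t < 0:
            continue
        expected = totp(secret, t, period=period, **params)
        # Constant-time comparison; keep looping so timing does not leak
        # which step matched.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok


def code_from_uri(uri, unix_time):
    """What any holder of the QR text (phone, printout, backup) can compute."""
    p = parse_otpauth(uri)
    return totp(p["secret"], unix_time, p["digits"], p["period"], p["algorithm"])


if __name__ == "__main__":
    import time

    now = int(time.time())
    account = parse_otpauth(SAMPLE_URI)
    on_phone = totp(account["secret"], now)
    from_printout = code_from_uri(SAMPLE_URI, now)
    print(account["label"], on_phone, "printout matches:", on_phone == from_printout)
    print("accepted by server:", verify(account["secret"], on_phone, now))
```

Nothing in the computation is tied to a device: the seed and the clock are the only inputs, so protecting a backup means protecting the seed itself.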

  • @botowner8623 3 years ago +1

    use andOTP or freeOTP

  • @mynameisjeff9124 3 years ago +3

    Google Authenticator is insecure, but saving your 2fa with your password in 1password is secure??? And btw Google Authenticator is backed up to iCloud via the full device backup

    • @jayl3840 3 years ago

      @燃えるおっぱい【海外35P】 agreed - Bitwarden is the only pass manager I ever tell people about.

    • @AllThingsSecured 3 years ago

      While I agree that using 1Password isn’t the MOST secure way to setup 2FA, it’s definitely better than Google Authenticator for many different reasons. As for the iCloud backup, I’ve had mixed results. I definitely wouldn’t rely on that method alone as your only backup.

  • @dialecticalmonist3405 3 years ago +1

    If someone has access to your phone OS, what the f*ck do you think is going to happen?
    You have far bigger problems than your authenticator. Lol.
    If they have that much power, your entire security stack is at risk, and all these other methods you are bringing up, are moot.

    • @AllThingsSecured 3 years ago

      Well if that's true for you, then your security stack isn't well stacked! No single login (i.e. your Phone unlock passcode) should give anybody "that much power". If so, you're doing something wrong.

  • @DarienAllen 3 years ago +6

    I dropped Google authenticator last year for that same 2nd reason (no way to backup codes)

    • @AllThingsSecured 3 years ago +1

      Yea, it's pretty scary, particularly if you keep your crypto backup codes on Google's app.

    • @shutthegate8232 3 years ago +1

      and a software shouldn't be so crappy that you need a second/spare phone, just to do an export to google auth on that phone, to put it away as a spare. How crap is that design!

    • @maria-wu7us 3 years ago

      there is a way though. Print the QR codes on paper and place them somewhere safe :) You could also print the emergency OTPs provided by the accounts that allow you to integrate 2fa. They are meant for scenarios like these :) Since the security risks for all these services are still non-zero, it would still be okay to use services that backup to the cloud though. Just know that they are less secure than using google 2fa.

  • @smokyviking2103 2 years ago +1

    Nice work

  • @Carlostype 3 years ago +8

    Switched! Thanks for the heads up

  • @Kaldrax 3 years ago +3

    You can just export google authenticator OTPs and import them on a second device btw. I have them on my phone and on my iPad for backup.

  • @foopington 2 years ago +3

    having 2fa codes on your password manager seems like a horrible idea lol

  • @bahb00 3 years ago +3

    So basically if Authenticator required biometric unlocking of app you might still use it.
    As for site code backup I just snap a pic of the setup QR codes with a cheap offline camera.

  • @diplod5000 3 years ago +3

    You can make a back up of all your codes by taking a picture of a barcode for back up!!! There is an option in the settings!

  • @jonathanr3439 3 years ago +9

    GA has a “privacy screen” setting, meaning face recognition is instantly required when opening the app, unlocking your phone and (re) opening the already running app, etc.
    Does this not resolve your no password concern for GA?? Seems secure to me.

    • @Dabs_Rulez 2 years ago

      It wasn't there when this video was released but it is now

    • @vmaldia 2 years ago

      @Dabs_Rulez sooo the app team listened to criticism and just like space wolf said i acknowledge my mistake and will correct it

  • @bakasenpaidesu 2 years ago +3

    Google need to add some kinda extra password to the qr so that only one can get the access who knows the password

  • @justincase5272 2 years ago +1

    No... MFA using a strong password, a hardware security key, and Authy for your 2FA is the best way for the average person to secure their online accounts.

  • @CRK1918 3 years ago +3

    It is generally, if you want to be convenient and easy to use, security will be exposed. Therefore, I generally do not use automatic cloud backup, I am backing up my own method (you can back it up with a file, then you have to modify the name of it, and then upload it to your cloud).
    BTW, I am using the andOTP app, because it is a completely open source application, and it can encrypt your file backups. You also need a PIN or password to get in.

    • @cxl520 3 years ago +2

      Yep, conveniency come with the cause!
      andOTP is great and you can see the source code, so there's no back door for third-party services to get in. All the security in your own hand!

    • @osamu_90 2 years ago

      Security and convenience are always inversely proportionate. If you really want to be secure you shouldn't even use the same device for your password manager and 2FA authenticator and even use physical USB keys (eg. Yubikey) for them, but not many people do that because it's very inconvenient.

  • @JM.TheComposer 2 years ago +4

    Responsible people will save the 2FA seed codes in a password manager, so losing your phone becomes a non-issue. Alternatives to Google Authenticator also exist, which enable you to backup your 2FA seeds into an encrypted file.

  • @theglobetrottersv 3 years ago +10

    Thanks for opening my eyes with Google!!! I was starting using Microsoft authenticator before this video because has his own password, can backup and has his own password which found it much better for the situation in case lost my phone.

  • @SauI_Goodman 3 years ago +3

    hey there man, i agree but the part you were talking about you can't lock the app is not true. many antivirus companies allow app locking which can be done easily but good video

    • @adrenaliner91 3 years ago

      If you have an antivirus installed on the phone and most have not. I personally stopped using antivirus on android for many years because the only thing what it did is generate traffic and needs a lot of battery, as someone who can see if a website or mail is wrong, blocking ads and cookies and only install well known apps from Play Store an antivirus is just useless.

  • @mattisfrommer8564 3 years ago +4

    Do you know OTPAuth? You should give it a try. I think this app is awesome (Only available on iPhones)

    • @AllThingsSecured 3 years ago +1

      Thanks for the tip, Mattis! I hadn't used it before. From what I see on the app store, I probably wouldn't use the notification center feature. Do you think it's worth the paid version when others like Authy are free?

    • @mattisfrommer8564 3 years ago

      @AllThingsSecured Absolutely. On the iPhone it should be free. Only the Mac app must be paid.

    • @mattisfrommer8564 3 years ago

      @AllThingsSecured I am very satisfied with OTP Auth. It works well.

    • @wtg93 3 years ago

      I agree, it's a much better option since it's open source. On Android "andOTP" is a great open source 2FA app.

  • @chchchscott1 3 years ago +1

    Authenticator has multi-device support. I have it on my iPad and iPhone. Same codes on both devices.

  • @susancorgi 3 years ago +3

    My phone is always locked so g app doesnt need to

  • @antontheoneslo1814 3 years ago +1

    0:45 maybe its so insecure cause you're mean to it 🥺

    • @garyoak4175 3 years ago

      I'll let that one go.

  • @JohnLamjohnlsl 3 years ago +6

    The reason I use Google sync is because it is totally offline.
    You can back up Google Auth by creating a QR code for a different device to scan:
    just go to transfer account -> export account and you can back up the code you need
    (there is a small problem if you have too many, as the QR code will be very big; the workaround is splitting the codes you need to back up into different groups).
    I have been doing this sync for all 4 of my devices.
    Doing a cloud sync is a no-no for me for security reasons.
    And for the app-cannot-be-locked issue, I mean when you are in a location with more than yourself, you should always fully lock your phone before it leaves your hand...

  • @Perception_ 2 years ago +2

    The main reason I switched to Authy is because it saves my info. My recent phone died, and so I downloaded the app on my new phone, and there was everything as it was on my old device. The google app was just completely wiped.

  • @melisaybell 2 years ago +10

    Thank you for the video. Why am I learning this lesson right now! I never bothered with 2FA previously. I always thought it was an odd sort of overkill. I had used 2FA before at work to access specific tools for an employer but that was it. I enabled the feature recently given concerns about security. I must say, If I were not a better person I would have fallen out with Google over this. I am unable to access accounts. I should have done my research before hand. I am grateful that I am finding this out now I hadn’t had the accounts long but the experience has been a huge time suck. If I had of watched this video or absorb everything I have researching this topic I would have opted for an alternative.

  • @HalkerVeil 2 years ago +1

    This isn't the only problem.
    If you let a friend use your computer and they log into their Google account, you are now synced with them and see all their saved passwords.
    Even worse, if you let someone else use your device later, that person now has access to both your passwords, and your other friends' passwords.
    Now factor in authentication apps with that?
    I'm surprised there haven't been massive lawsuits over this.

  • @gamingnation9968 3 years ago +9

    Bro I feel u when I lost my phone I lost my all accounts. There's no way to recover 😕

    • @AllThingsSecured 3 years ago +2

      So sorry about that!

    • @AyangStudios 3 years ago

      Sad

    • @blgdinger3 3 years ago

      I mean that is absolutely fucked up, wtf? I have so many accounts tied to my Google authenticator. If I lost access to these because of no backup I would lose my shit. This is how people become murderers.

    • @twb0109
      @twb0109 3 years ago

      @@blgdinger3 every time you set up 2FA, get the backup codes, write/print them down and store them in a safe place

  • @PatrickFoxGaming
    @PatrickFoxGaming 3 years ago +2

    Google Authenticator has the ability to use Touch ID, and it also has a backup feature.

  • @bgtubber
    @bgtubber 3 years ago +12

    4:08 Aren't cloud services also susceptible to hacking? I've seen plenty of news of clouds being breached - Dropbox, Microsoft, Apple iCloud etc. I wouldn't put any important information and files on the cloud without it being encrypted first.

    • @MrFooChops
      @MrFooChops 2 years ago

      More than that I wouldn't even trust those companies themselves with my private information so I wouldn't even use them anyway

    • @lussor1
      @lussor1 2 years ago

      Bitwarden is used by pro-privacy people

  • @jroddz
    @jroddz 3 years ago +2

    What are you talking about? Google Authenticator has backup. Just hit export accounts, select which accounts, then it will generate a QR code which you can use on a new phone with google Authenticator.

    • @AllThingsSecured
      @AllThingsSecured 3 years ago

      Thanks for sharing. This doesn't really help if you've lost your phone or had it stolen. I wouldn't call it a "backup" as much as it's just a "transfer service". And even for that, it only allows you to transfer 10 accounts at a time.

  • @SSmithYT
    @SSmithYT 3 years ago +27

    Looking into switching as well, mostly looking for the convenience of an "Approve" request like I get with some Microsoft sign ins and other accounts, looking for an authenticator app that can do that for any account I use in it. These were some nice points though, unfortunately I don't like the idea of device sync, I'm sure you know, it's similar to the "all eggs in one basket approach."

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +6

      Yea, I completely get that. I don't personally use device sync either, but I do keep a local backup of my file for protection against theft or loss of my device.

    • @bakasenpaidesu
      @bakasenpaidesu 2 years ago +1

      Google needs to add some kinda extra password to the QR so that only the one who knows the password gets access

  • @philtangerine
    @philtangerine 3 years ago +1

    If a person doesn't use their device for anything important...never does banking on their phone, or anything "confidential", but just does it at home on a PC...is there any reason to use 2FA? Thanks.

  • @medmedmed333
    @medmedmed333 3 years ago +4

    Thank you for sharing, I just started using GA. I'm that type of person who might upgrade in just a few years (My old phone's screen broke just after 1.5 years) so having an option for multiple devices is much needed

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +1

      Glad I could help!

    • @garyoak4175
      @garyoak4175 3 years ago +6

      Keep using GA. Try to find articles about someone being hacked with GA, you won't find any. Even a basic SIM-SWAP is hard work. Carriers aren't THAT retarded.

  • @fmcmarques
    @fmcmarques 3 years ago +1

    Google authenticator backup could be done by printing the QR code, very easy. For me having passwords and 2fa on same System is a no go.

  • @prhasn
    @prhasn 3 years ago +16

    This was really helpful. I thought all apps had the same issues as Google's. Glad to know there is a solution.

  • @MobileDecay
    @MobileDecay 3 years ago

    I can't make purchases on my switch anymore and I can't log into my parsec because of authenticator. I'm never using any authenticator app because of this. I never had any problems before using this app! All because I factory reset my phone now I'm screwed! 😡

  • @LORDxMINECRAFT
    @LORDxMINECRAFT 2 years ago +7

    Hold on a second, this just made me realize that if I lose my phone, I lose access to all my investments. Man thank you for explaining this. I am switching asap!

  • @scifino1
    @scifino1 3 years ago +1

    I use and recommend Aegis Authenticator, which is available through the F-Droid open source app store.

  • @bufordmaddogtannen
    @bufordmaddogtannen 3 years ago +32

    Protip: save the various qr codes together with the security/recovery codes when you set 2FA, you'll be able to scan them on different devices.

    • @AllThingsSecured
      @AllThingsSecured 3 years ago

      Good tip!

    • @levielliott4673
      @levielliott4673 3 years ago +2

      Yeah, I snip the qr code, print that out then add the account to authenticator from that printout just to make sure the hard copy works. Label the paper and keep it somewhere secure with your other important documents. I recently re-flashed my phone and getting my accounts back in authenticator took 3 minutes.

    • @bufordmaddogtannen
      @bufordmaddogtannen 3 years ago

      @@levielliott4673 I use a password manager, but the concept is the same. Instant recovery in case I change phones. 😉

    • @levielliott4673
      @levielliott4673 3 years ago +2

      @@bufordmaddogtannen I use a password manager for passwords but figure the paper backup might be slightly more secure being a different basket to keep the 2fa in. Otherwise if the password manager were to get hacked they'd have my whole world. Same concept that people use for crypto and keeping private keys on paper rather than digitally on an internet-connected device.

    • @bufordmaddogtannen
      @bufordmaddogtannen 3 years ago

      @@levielliott4673 indeed. It's an additional layer of protection. Although I'd not be at ease putting qr codes together with, for instance, electricity bills (there they are unprotected) or in a safe (that's a target).
      Maybe I'll have to hide things under the floor. Like John Wick. 😁🤣

  • @Pramanshu
    @Pramanshu 3 years ago +2

    I am using the Microsoft Authenticator app on Android, and I accidentally deleted the app from my phone.
    When I log in to the same account with the 'Already have account Begin recovery.' option, I don't get any previously added 2FA accounts of other social media accounts.
    The backup and sync option was enabled.
    I didn't find any article or video tutorial for this. Is there any way to recover those backups?
    Please help

    • @garyoak4175
      @garyoak4175 3 years ago +1

      Microsoft Authenticator is garbage and microsoft has been leaking client info since 2005 due to bad opsec.

  • @jamesdube7597
    @jamesdube7597 3 years ago +9

    Funny I noticed this as well about GA, and this was my first experience with 2FA. Thanks Subbed!!

  • @raymondlee3327
    @raymondlee3327 3 years ago +1

    I just fired "Google Authenticator"! I switched to Microsoft Authenticator based on the information in this video!

  • @tonygil4137
    @tonygil4137 3 years ago +6

    Excellent content, thanks for the video. Definitely I’m switching from Google to Authy; however, how simple is it to switch? Can we have a second application doing the authentication before disabling the first one without compromising access to the account? Thank you.

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +2

      YES! You can have multiple apps running the same 2FA as long as you scan the same code for both of them. So don't delete your Google Authenticator until you're absolutely sure that you have all the other codes successfully migrated.

    • @tonygil4137
      @tonygil4137 3 years ago +2

      @@AllThingsSecured Excellent and thanks again for your help. I just subscribed to your channel and I will share it.

    • @FurNaxxYT
      @FurNaxxYT 3 years ago

      Some might see this as a security risk, but I don't mind taking responsibility for my own security: Aegis allows for the exportation and rescanning of your auth tokens. I have a few accounts that are shared and Aegis made it seamless for me to share the auth token

    • @centerpide
      @centerpide 3 years ago

      I am doing the switch right now. It's not as painful as imagined. You will be able to test out your authentication before saving the 2FA setting so that helps.

  • @krisclem8290
    @krisclem8290 2 years ago +2

    Could use double blind with 1password, make a part of the password that you will remember and type in and don't include that part in the password manager. That way no one will have the complete password making it more secure despite the fact that your 2fa is integrated.

  • @dandtech
    @dandtech 2 years ago +6

    1. In most Android phones an app can be secured within the phone. 2. When you enable 2FA, the website gives you 10 codes for backup to use for emergencies like when your phone breaks down, or is lost or stolen. When you switch phones the Google Authenticator has an option to transfer the registrations to your new phone, to the new authenticator. On the other hand if your app has somewhere a backup outside the phone guess what? That can be a target for hackers.

  • @unskeptable
    @unskeptable 2 years ago +1

    Google has Backup codes, that you can refresh at your will.

    • @AllThingsSecured
      @AllThingsSecured 2 years ago

      What do you mean?

    • @unskeptable
      @unskeptable 2 years ago +1

      @All Things Secured you just log in to your account and get a fresh set of backup codes. Also you can store the QR code and use it with your new mobile devices. It's easy.

  • @Msasha2727
    @Msasha2727 3 years ago +3

    What about a physical key?

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +1

      Absolutely! I use a physical key and I love it. The problem is twofold:
      1) Some online accounts don't accept physical keys yet.
      2) A physical key costs money. Some people are only willing to secure themselves as long as it's free (unfortunately).
      But if you can use a key...do it!

    • @speedracer123222
      @speedracer123222 3 years ago

      @@AllThingsSecured with YubiKey you can download their Authenticator app and the codes are installed on the key. If you get the NFC version it can be used on desktop and iPhones and Android devices

    • @Pseudoplasmagore
      @Pseudoplasmagore 3 years ago

      @@speedracer123222 The problem with that is that Yubikey can only store 32 TOTP keys, that might be enough for some users, but not for all.

  • @amansingh_797
    @amansingh_797 2 years ago

    Is the 2FA feature available now where we can see our 2FA 6-digit passcode from 1Password itself?

  • @HaimPeretz
    @HaimPeretz 3 years ago +12

    First of all, for the lock you can easily fix this by using an app locker, and in OnePlus and Xiaomi phones it's built in.
    For the backup, you now have options to export the accounts

    • @Ingram091
      @Ingram091 3 years ago

      Exactly!

    • @harshkazama4289
      @harshkazama4289 3 years ago +2

      Nah

    • @hanszimmer121
      @hanszimmer121 3 years ago

      Ty, I have OnePlus and it worked for me. But I have a question: what will happen when hackers have control over your phone? Can they see what your password is or what?

  • @dm83x
    @dm83x 3 years ago +1

    If someone got your phone while it's unlocked, they still need your passwords to do shit. It's not like you leave your passwords on a notepad or something

  • @gknotebook8298
    @gknotebook8298 3 years ago +3

    That was really helpful. Thank you so so much

  • @groundexlight7850
    @groundexlight7850 3 years ago +1

    I'm using it rn, now how do I delete the app? Do I log out and delete or just delete the app? I'm kinda scared after u have said all this because I use Google Authenticator a lot

  • @KngSovereign
    @KngSovereign 3 years ago +21

    3:35 - It should be known that Authy doesn't allow access to the seeds for the 2FA codes. This means that if you get locked out of your Authy account (for whatever reason) then you could have to reset your 2FA accounts individually.

    • @NicCrimson
      @NicCrimson 2 years ago +1

      Does 1password have this feature?

    • @mementomori29231
      @mementomori29231 2 years ago +3

      That's fine. Have the seeds backed up to an encrypted container locked in your safe, for worst scenario situations. Should have Authy on several devices. I have Authy on several devices - phone / tablet / PC.
      Once Authy is set up on several devices, turn off multiple device option and no one else can log into your Authy account unless you approve. Super secure and safe.

    • @KngSovereign
      @KngSovereign 2 years ago +1

      @@mementomori29231 how do you have the seeds locked up in a safe if Authy doesn't give access to the seeds?
      Also, I can do everything you just said with every other 2FA app AND STILL have plain text access to the seeds for my codes. 🤷

  • @2u263
    @2u263 3 years ago +1

    Good information as to why not to trade in your personal life & freedom for the sake of so called convenience ( laziness = control) Give up your freedom & cry later, "OMG Why How?"

  • @mrgreen1252
    @mrgreen1252 3 years ago +4

    Wow, thank you for that information sir. Thanks to your video I uninstalled the Google Authenticator. I changed to Microsoft, better than Google. 😊

  • @the_mr_p
    @the_mr_p 2 years ago +1

    Very good video. Best password manager is definitely a sheet of paper 😂

  • @Oneofakind123
    @Oneofakind123 3 years ago +3

    1) I trust a larger company more than a smaller one.
    2) You can export all your codes via QR code to another unit. Even print it for safekeeping.
    3) The fact that there is no app lock is not a deal breaker. 2FA is meant to stop hackers/phishers with no access to the phone.
    4) You have affiliate links

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +1

      1. The bigger they are, the harder they fall.
      2. You can save backup codes when you set up any 2FA, so what's the difference between that and the QR code?
      3. My home security system is supposed to deter thieves, but I still lock my doors. Your point?
      4. My first two recommended options are not affiliate links, and I clearly declare that 1Password is an affiliate link because it's the one I use. Are you implying that this somehow taints my message?

    • @AidenEllis
      @AidenEllis 3 years ago +1

      btw .. you can lock the app with built in app lock feature :>

  • @iainpark1808
    @iainpark1808 3 years ago

    Can you help me get around this issue. Facebook account hacked, have been through ( around in circles mainly ) the suggested fixes from FB & various online suggestions. Everything comes back to generating a code - BUT YOU HAVE TO BE LOGGED INTO THE FACEBOOK ACCOUNT TO GENERATE THE CODE. If I could log into the account, I would not need a code! Initial set up of Google Authenticator asks to scan a QR code or enter set up key - both of which you get after you log into FB ( is this correct? ). Can I use another app to generate a code that I could enter in the FB recovery process? If you can help, thanks for your assistance.

  • @eddylecouvreur5698
    @eddylecouvreur5698 3 years ago +5

    Google Authentication does have a lock. You enable privacy screen, which means you can open the authenticator only with touch ID (not with your phone's PIN). Maybe it works with faceID too, but I don't have that on my iPhone 8

  • @hyperjack23
    @hyperjack23 2 years ago +1

    Yup, you're right bro. I also had a hard time with GA when I lost my phone. They have no backup or anything and I even emailed Google about it. And they replied that it will lead to court because of the legality issues...BIG no to GA..

  • @retheoff
    @retheoff 3 years ago +1

    I refuse to use Authy due to the required phone number, sounds like a worse risk, IMO. G-auth does have an export, which I use to save codes on another device as a backup, no syncing, and I'd rather not use cloud syncing on those codes anyway. If I add more codes, I just export those to the other device. Not a big deal. Also, why are you bothered by not having a passcode to open the auth app if you are using FaceID or TouchID and a good phone passcode? Honestly, I'm sticking with Google's Authenticator because it does not cloud sync and has an easy export that scans in on another device. If it didn't have the export I'd pick another one. But not Auth, that darn phone number requirement bothers me. (SIM hijacking)

  • @supersonic6486
    @supersonic6486 2 years ago

    way too hyped way too far maybe just anti googler. in modern phones app password features are available on OS layer why would it be as critical as 250k times viewed negative flavored post.
    next you talked about backup. in fact GA provides pretty well engineered backup capabilities, without depending on internet connection in the form of QR code which you print on a paper and live happily.

  • @KodornaRocks
    @KodornaRocks 3 years ago

    Create 4 Gmail accounts with NO personal information in there. Protect all of them using 2FA. Don't use any service that won't let you sign in/up using Gmail. Use one for banking/investing (one for each country you have an account in). Use one for spam-full buy-a-subscription crap. Use one for social media. Use one for work. If the service asks for more information than you are comfortable providing, just search for an alternative.

  • @RandomNJ
    @RandomNJ 3 years ago

    Your phone is set up with a fingerprint or face ID? Do you leave your password manager open too? The 2FA is useless without the username and password. Google does not have an export because they put the secure tokens in the secure enclave of the device. You should not be saving the secure tokens. That's what the backup codes are for. Backup codes should be kept in a safe place.

  • @user-zr7kz4vs7c
    @user-zr7kz4vs7c 2 years ago +1

    How about OTP auth ??(ios)

    • @AllThingsSecured
      @AllThingsSecured 2 years ago

      It’s another Authenticator that works.

  • @ShadowBorn1979
    @ShadowBorn1979 2 years ago

    Yeah stop using Google security or two step authorification go to your Google settings and turn that shit off or disable it it makes it easier so you can connect to your PS3 OR PS4 OR 5