STOP Using Google Authenticator❗(here's why + secure 2FA alternatives)

  • Published 30 Jun 2024
  • It's a security app that isn't the most secure (although they have added Face ID for iOS since this video was published). I still recommend something like Authy OR, for a more secure option, consider a 2FA key: • Setup a 2FA Key for MA...
    ▶ Try Authy: authy.com/
    ▶ Try Microsoft Authenticator: www.microsoft.com/en-us/accou...
    ▶ Try 1Password (affiliate): www.allthingssecured.com/yt/1...
    How to setup 2FA on one device (without scanning a QR code): • Setup 2FA Authenticato...
    If you care about your personal security and privacy online, download my free security checklist here:
    ✅ Security Checklist: www.allthingssecured.com/secu...
    *********************
    Video Timestamps
    *********************
    0:00 - Introduction
    0:46 - Google Authenticator is Not Secure
    2:00 - Authy App
    3:34 - Microsoft Authenticator App
    5:00 - 1Password App
    6:05 - Summing Up Alternatives
    *********************
    Two-factor authentication (2FA) apps are a must-have if you'd like to secure your accounts, but you'll want to make sure you use a secure app that you can trust. The Google Authenticator app is not as secure as we think, and here are a few good alternatives.
    #2fa #authenticator #persinfosec
  • Science & Technology

COMMENTS • 1K

  • @AllThingsSecured
    @AllThingsSecured  3 years ago +54

    UPDATE: Google Authenticator has since added biometric lock to the app, so my primary gripe about the security of the app has been resolved. I still prefer Authy, however, and for even better security, consider using a 2FA key like this: ua-cam.com/video/xRmDIL9l3b0/v-deo.html

    • @Carlostype
      @Carlostype 3 years ago +2

      I was using Google Authenticator but you highlighted a few issues that warranted the switch!

    • @nematkarimi1054
      @nematkarimi1054 3 years ago

      Both of them, first I get password from google authentication then I use 2FA.

    • @TechSmart_0101
      @TechSmart_0101 3 years ago +2

      Yep I was using G Auth, now switched to Authy better actually!

    • @MrSmilev
      @MrSmilev 3 years ago +14

      I am using google authenticator, Microsoft authenticator, lastpass authenticator for different purposes (e.g. work, personal, etc). Just read Authy's privacy policy - they share a lot with third parties "as required to provide their services". That's a NO-GO for me. MS and Lastpass are pass protected which is great. Google authenticator has been compromised already as far as I know.

    • @Iuffycs
      @Iuffycs 3 years ago +2

      I used to use the Google Authenticator, then the Microsoft Authenticator and now Authy Authenticator

  • @hyllaz
    @hyllaz 2 years ago +11

    I think Aegis is an option more interesting, it allows you to backup in an encrypted file in a cloud of your choice, and also gives you the option to do it manually exporting that file and save it wherever you want. And you can switch from Google authenticator exporting accounts and it will read the QR code without a problem.

  • @medmedmed333
    @medmedmed333 3 years ago +3

    Thank you for sharing, I just started using GA. I'm that type of person who might upgrade in just a few years (My old phone's screen broke just after 1.5 years) so having an option for multiple devices is much needed

    • @AllThingsSecured
      @AllThingsSecured  3 years ago +1

      Glad I could help!

    • @garyoak4175
      @garyoak4175 2 years ago +6

      Keep using GA. Try to find articles about someone being hacked with GA, you won't find any. Even a basic SIM-SWAP is hard work. Carriers aren't THAT retarded.

  • @CyberMedics
    @CyberMedics 1 year ago +2

    Excellent presentation on the authentication apps. Well researched and clearly presented! Thank you.
    What do you think of Yubico's authenticator app? I don't think it has a backup option. I don't like the necessity of tying in a cell number for Authy. Microsoft is good, but not sure you can backup the seed key for the app itself...do you know? Also it does not run on the desktop. I'm in the camp of not wanting all eggs in one basket, so don't recommend PW protection and authentication codes in the same app. Really enjoy your channel content. Keep up the good work in educating others!

  • @gknotebook8298
    @gknotebook8298 2 years ago +3

    That was really helpful. Thank you so so much

  • @Carlostype
    @Carlostype 3 years ago +8

    Switched! Thanks for the heads up

  • @amosboi6103
    @amosboi6103 2 years ago +9

    Man, I know you probably won't see this; but I really appreciate the small things that most other content creators pass up, like timestamps.

    • @DJStompZone
      @DJStompZone 2 years ago

      Yeah that, or uh.. You know... He *could* focus on stuff like... NOT making videos around statements that are completely false? But hey at least he got the timestamps on there. (slow clap) very nicely done on those timestamps

    • @amosboi6103
      @amosboi6103 2 years ago +1

      @DJStompZone Said false statements being...? (Not being an ass, genuinely wondering)

  • @ryaniglesias6381
    @ryaniglesias6381 3 years ago +6

    Great video.... I just dumped Google Auth altogether. Question for you, Authy looks good as I do like the multi-device option so I don't have to access my phone to get a 2FA code but I don't like giving them my mobile number. Microsoft auth backup in iCloud is great but would you happen to know the answer to this question - if I lost my iPhone and I decide to buy another iPhone three days later and I need a 2FA code before I get my new iPhone I am out of luck unless I have backup codes right?

  • @zedgama3
    @zedgama3 3 years ago +62

    Google authenticator is designed to be the equivalent of a hardware token on your phone. In other words, it's something you have and cannot be easily duplicated. While I agree that having the option of protecting my MFA is an extra layer of security, I believe that the biggest benefit is that someone only has access while they have my phone - i.e. they can't make a clone of it.
    Best practice, in my opinion, is to use a password safe that contains my backup codes. Since most MFA systems only allow for one OTP seed, this forces me to retire the lost seed and then generate a new one.

    • @AllThingsSecured
      @AllThingsSecured  3 years ago +3

      Thanks for the input here, JT.

    • @garyoak4175
      @garyoak4175 2 years ago +10

      GA is perfect. ATS Clickbaiting

    • @PutsOnSneakers
      @PutsOnSneakers 2 years ago +5

      Until ya drop ya phone, all gone.

    • @portman8909
      @portman8909 1 year ago +12

      @PutsOnSneakers Have a second phone stored away at home.

  • @dandtech
    @dandtech 2 years ago +5

    1. In most Android phones an app can be secured within the phone. 2. When you enable 2FA, the website gives you 10 codes for backup to use for emergencies like when your phone breaks down, or lost, or stolen. When you switch phones the google authenticator has an option to transfer the registrations to your new phone, to the new authenticator. On the other hand if your app has somewhere a backup outside the phone guess what? That can be a target for hackers.

  • @gurnanis
    @gurnanis 2 years ago +1

    Awesome video buddy … thanks. Can you suggest any easy way to move out of Google Authenticator? Also a recommendation for a future video - please… comparison between the new iOS 15 2FA vs 1Password. Thank You 🙏

  • @JuliathePCGPinSW16
    @JuliathePCGPinSW16 3 years ago +1

    So glad I found your video, as I had been using it for a few logons without realising about the missing app lock - and that Microsoft does offer the feature.

    • @pushpendramakwana9910
      @pushpendramakwana9910 3 years ago +2

      Because 3rd party app lock is way more dangerous and Google knows this very well. Hacking in Gmail account is way more tough than hack some stupid 3rd party app lock in our phones.

    • @JuliathePCGPinSW16
      @JuliathePCGPinSW16 3 years ago

      I dropped Google Pay immediately after setting it up when I realised it didn't ask for any authentication on use. Switched to Samsung Pay, but that is no more :-(

    • @adrenaliner91
      @adrenaliner91 3 years ago

      @JuliathePCGPinSW16 you need to unlock your phone, that's something..

    • @garyoak4175
      @garyoak4175 2 years ago +1

      Microsoft has acknowledged the leak of 250 million client's information from 2005-2019 in 2020.
      Please, beautiful lady, listen to me and keep using Google Authenticator. Search the web for a single article about someone being hacked that was using GAuth, you won't find one for a reason.
      For the PIN thing, your phone already has a PIN function. If someone "Hacks your phone" he'll know both pins anyways. Hacking (Hidden Remote Administration) a phone is near-impossible if softwares are up to date (unless someone has physical access to your fully unlocked phone for a few moments)

    • @garyoak4175
      @garyoak4175 2 years ago

      @pushpendramakwana9910 100% accurate.

  • @enterprisefreenas-waters2355
    @enterprisefreenas-waters2355 3 years ago +162

    I print out my QR codes and place them in a secure location. This allows me to restore my setup when I wipe my device twice a year. Also, I like the idea of not having a backup as I find it more secure :-)

    • @AllThingsSecured
      @AllThingsSecured  3 years ago +24

      Yea, I understand that. Also, why do you print out the QR codes instead of the text backup codes that they give you?

    • @johnsmithe4656
      @johnsmithe4656 3 years ago +67

      Be careful how you print. If you're on wifi there could be a man-in-the-middle attack on your LAN. Anyone running Wireshark could see your documents in plain text as they are sent to the printer. Also, some fancier printers (usually laser printers) have hard drives in them that store what is printed. Best option is to use a real cheap inkjet printer via USB cable, the old-fashioned way. If you're printing sensitive info, I would go this route. You can pick up a printer like that for $30, but ink refills are ridiculous.

    • @andrewmurray1550
      @andrewmurray1550 3 years ago +23

      "Not having a backup is more secure" - since when?

    • @xybersurfer
      @xybersurfer 3 years ago +15

      @andrewmurray1550 it is in terms of others getting access

    • @CryptoRoyaleGameplays
      @CryptoRoyaleGameplays 3 years ago +24

      @andrewmurray1550 Having back up on other device is multiplying the chance of your 2FA being hacked.

  • @sahilbhatt4467
    @sahilbhatt4467 2 years ago +26

    Aegis authenticator is the way to go. I prefer to use open source apps when compared to closed source as it is quite reliable.

  • @asdrubalivan18
    @asdrubalivan18 2 years ago

    Just did the switch thanks to this video! Thank you so much for sharing your knowledge!

  • @FesteringRatSub
    @FesteringRatSub 2 years ago +2

    This is really great advice. I just freaked out that this could happen, like if my phone broke i am screwed

    • @adventureinventors
      @adventureinventors 2 years ago

      Only if you don't have all your original account info and passwords. If you wrote down your original account set up info you are not screwed.

    • @huntermcclovio4517
      @huntermcclovio4517 2 years ago

      DO NOT LISTEN TO THIS GUY!! First of all you can password secure your phone with a password or a pin to block anyone from accessing your google authenticator. Second, yes you can make a backup with the key given to you when setting up the authentication procedure. Third, install the google authenticator on an airgapped used (old) cell phone for better security, DO NOT INSTALL ON MULTIPLE DEVICES!! you expose yourself and your keys!! and last and very important do not backup to your cloud, if anyone gets to your SIM card or calls the telephone company to get your SIM card replace they will have access to your cloud and all your apps including your authenticators. VERY IRRESPONSIBLE VIDEO!!

  • @jamesdube7597
    @jamesdube7597 3 years ago +8

    Funny I noticed this as well about GA, and this was my first experience with 2FA. Thanks Subbed!!

  • @thierry.lavallee
    @thierry.lavallee 3 years ago +288

    1password auto entering the 2FA code completely defeats 2FA. That's 1FA... The hen eats the egg.

    • @Vizaru
      @Vizaru 3 years ago +51

      yeah that suggestion is honestly a step back from google authenticator.

    • @TheMack
      @TheMack 3 years ago +38

      Agreed. Trading security for convenience is never a good deal.

    • @Ahmed-Soudi
      @Ahmed-Soudi 3 years ago +3

      but some people may be willing to do the risk as 2fa config is sometimes forced to be done in some accounts on some sites.

    • @Stjarnadian
      @Stjarnadian 3 years ago +16

      Only if your password database with the 2FA codes got compromised. If it's some other kind of attack, which 2FA could have prevented, it's not a big deal.

    • @garyoak4175
      @garyoak4175 2 years ago +9

      1password is garbage, this video is garbage. Surprising tbh.
      Auto-filler pass-mgr
      good one.

  • @neuideas
    @neuideas 2 years ago +1

    I use 2fas on my phone, and Authenticator Pro on my tablet. Both allow PIN protection and various backup options, as well as export options.

  • @hyperjack23
    @hyperjack23 1 year ago +1

    yup you're right bro. i also had a hard time with GA when i lost my phone. They have no back up or anything and I even emailed google about it. And they reply that it will lead to court because of the legality issues...BIG no to GA..

  • @melisabell3420
    @melisabell3420 2 years ago +9

    Thank you for the video. Why am I learning this lesson right now! I never bothered with 2FA previously. I always thought it was an odd sort of overkill. I had used 2FA before at work to access specific tools for an employer but that was it. I enabled the feature recently given concerns about security. I must say, If I were not a better person I would have fallen out with Google over this. I am unable to access accounts. I should have done my research before hand. I am grateful that I am finding this out now I hadn’t had the accounts long but the experience has been a huge time suck. If I had of watched this video or absorb everything I have researching this topic I would have opted for an alternative.

  • @JM.TheComposer
    @JM.TheComposer 1 year ago +4

    Responsible people will save the 2FA seed codes in a password manager, so losing your phone becomes a non-issue. Alternatives to Google Authenticator also exist, which enable you to backup your 2FA seeds into an encrypted file.

  • @syazone6782
    @syazone6782 3 years ago +2

    I just wonder and you clarify it well , thanks 👍

  • @vyilettwebb9320
    @vyilettwebb9320 2 years ago +1

    Thank you this video was very helpful😀

  • @qualityposts2011
    @qualityposts2011 3 years ago +3

    As of Feb 2021 Google Authenticator now allows for export of 2FA's for backup, and when installing the App for the first time set a pincode to access it. This makes the product now the best there is if one does not like using cloud storage.

  • @uriasbt
    @uriasbt 3 years ago +57

    I'll never be convinced that being able to backup codes is more secure than not being able to. Your first point makes sense, however it's an app feature that could be easily implemented and until google does I'll just use third party security apps to lock access to the app. Also, as of now google authenticator has an option to transfer your codes to other devices.

  • @Ked4aa
    @Ked4aa 1 year ago

    Thank you very much sir! this video really helped me!!

  • @ewaldfaugue4790
    @ewaldfaugue4790 3 years ago +1

    Thanks for those great information and tips. I get caught up in that situation with Google authenticator.

  • @diplod5000
    @diplod5000 2 years ago +3

    You can make a back up of all your codes by taking a picture of a barcode for back up!!! There is an option in the settings!

  • @vladimirolujic6637
    @vladimirolujic6637 3 years ago +125

    Hey, man! You're good! Very good! Clear explanation, calm voice, real emotions, no faking, no overdoing it, no squeaking noises coming out of your mouth to make it "fun" and "cool", by some standards. No loud or annoying music... I was looking for Shakepay 2 step authentication explanation and stumbled upon your authenticator video. Don't know when you started your channel, but I wish you get hundreds of thousands subscribers soon! All the best!

    • @AllThingsSecured
      @AllThingsSecured  3 years ago +10

      Thanks so much, Vladimir!

    • @ColtraneTaylor
      @ColtraneTaylor 2 years ago +4

      I'm not even watching the video but I applaud the uploader for this effort and agree with your sentiment. Hate those trendies.

  • @SSmithYT
    @SSmithYT 3 years ago +27

    Looking into switching as well, mostly looking for the convenience of an "Approve" request like I get with some Microsoft sign ins and other accounts, looking for an authenticator app that can do that for any account I use in it. These were some nice points though, unfortunately I don't like the idea of device sync, I'm sure you know, it's similar to the "all eggs in one basket approach."

    • @AllThingsSecured
      @AllThingsSecured  3 years ago +6

      Yea, I completely get that. I don't personally use device sync either, but I do keep a local backup of my file for protection against theft or loss of my device.

    • @bakasenpaidesu
      @bakasenpaidesu 2 years ago +1

      Google need to add some kinda extra password to the qr so that only one get the access who knows the password

  • @prhasn
    @prhasn 3 years ago +15

    This was really helpful. I thought all apps had same issues as Google's. Glad to know there is a solution.

  • @syIer.
    @syIer. 2 years ago +5

    update on the authenticator app: it now supports a lock screen so you have to enter your phone passcode, fingerprint or faceID

  • @Kaldrax
    @Kaldrax 2 years ago +3

    You can just export google authenticator OTPs and import them on a second device btw. I have them on my phone and on my iPad for backup.

  • @Ninorc8
    @Ninorc8 2 years ago +1

    Josh, I have always used 2FA but only recently employed the Authy Authenticator app. I neglected to keep any backup codes when I was setting up my accounts. I didn't even consider this as an important step until watching this video. Is there a method of correcting this and storing codes now? Thanks for the great content.

  • @smokyviking2101
    @smokyviking2101 2 years ago +1

    Nice work

  • @anation2351
    @anation2351 3 years ago +44

    I just learnt something I didn't even know I needed. Thank you for the wake up call!

  • @01Phenom
    @01Phenom 3 years ago +23

    I switched phones and I didn't back up my codes, now I need my old phone with G-authenticator. Good video

    • @AllThingsSecured
      @AllThingsSecured  3 years ago +8

      Yea, you're not the only one that has happened to. So sorry for the trouble!

    • @soccerguy2433
      @soccerguy2433 3 years ago +1

      you can easily transfer from one device to the next. I literally just did that last month when i moved from OP 5t to a new samsung S21

    • @TechSmart_0101
      @TechSmart_0101 3 years ago +2

      You can export accounts to the other device like I did but actually switched to Authy!

    • @NathanElcoate
      @NathanElcoate 3 years ago +1

      You can transfer from within the app..

    • @TheKoeman32
      @TheKoeman32 3 years ago

      Omg

  • @PatrickFoxGaming
    @PatrickFoxGaming 2 years ago +2

    Google Authenticator has the ability to use Touch ID, and it also has a backup feature.

  • @bakasenpaidesu
    @bakasenpaidesu 2 years ago +1

    You are right man...
    I'll switch soon to any other app u suggested.

  • @darkmugetsu6572
    @darkmugetsu6572 3 years ago +4

    Might pick Authy, I can install this on my main and old phone and only use the old phone when I need backup access if the current phone is lost/breaks.

  • @bahb00
    @bahb00 2 years ago +3

    So basically if Authenticator required biometric unlocking of app you might still use it.
    As for site code backup I just snap a pic of the setup QR codes with a cheap offline camera.

  • @raymondorenda7385
    @raymondorenda7385 2 years ago

    I think you have a point. I only setup google authenticator yesterday and out of curiosity I did a mock stealing of my phone by deleting some of my accounts without understanding it was a grave mistake. As I was a newbie, codes not being in sync with google could not cross my mind.

  • @philtangerine
    @philtangerine 2 years ago +1

    If a person doesn't use their device for anything important...never does banking on their phone, or anything "confidential", but just does it at home a PC...is there any reason to use 2FA? Thanks.

  • @theglobetrottersv
    @theglobetrottersv 3 years ago +10

    Thanks for opening my eyes with Google!!! I was starting using Microsoft authenticator before this video because has his own password, can backup and has his own password which found it much better for the situation in case lost my phone.

  • @Afura33
    @Afura33 1 year ago +3

    Wait a backup cloud option would bring itself some security issues. Even if they are (like they say) encrypted, someone who knows what he does and get access to these cloud saves can still decrypt them and get access now to all of your 2fa codes. It's better to write down the backup or recovery codes instead of using backup cloud saving, but the issue is that some sites like paypal or amazon do not provide any backup or recovery code for 2fa which is a shame.

  • @MariTurn
    @MariTurn 2 years ago

    I'm trying to decide which 2FA to use and I had a gut feeling Google one was not good. Thanks for this!

  • @echoblades
    @echoblades 1 year ago +1

    One more authenticator with pretty good interface is Zoho OneAuth (India). At this moment it has iOS, Android and macOS versions

  • @padraigr9305
    @padraigr9305 3 years ago +6

    Unless the desktop apps have an unlock PIN does it not defeat your stated purpose in switching from Google Authenticator?

    • @AllThingsSecured
      @AllThingsSecured  3 years ago +2

      They do. Sorry I didn't show that. You can create a "master password" for the Authy desktop app.

    • @garyoak4175
      @garyoak4175 2 years ago

      Besides the point.

  • @centerpide
    @centerpide 2 years ago +18

    I totally get you. I always thought Google authenticator would have some backup feature to save all the account codes. To my horror when my phone got downgraded from Android 12 beta to 11, all my data was stored and could be restored except for Google authenticator. Had a painful time trying to recover each account one by one.
    Will be switching over to authy!!

  • @staymad6739
    @staymad6739 2 years ago +1

    "Putting all of your eggs in one basket" which is exactly the Google business model

  • @George-W-Jenson
    @George-W-Jenson 3 years ago +1

    The problem with any 2FA is that if you lose it you need another way to get in. Google authenticator can be used as a backup plus it's always a good idea to save backup fixed keys if available

  • @einyv
    @einyv 1 year ago +3

    Google added the transfer option which gives you a single QC to important to another but I just took a picture with another device them provider it out and put it in the safe as a backup.

  • @tonygil4137
    @tonygil4137 3 years ago +6

    Excellent content, thanks for the video. Definitely I’m switching from Google to Authy, however how simple it is to switch? Can we have a second application doing the authentication before disable the first one without compromising access to the account? Thank you.

    • @AllThingsSecured
      @AllThingsSecured  3 years ago +2

      YES! You can have multiple apps running the same 2FA as long as you scan the same code for both of them. So don't delete your Google Authenticator until you're absolutely sure that you have all the other codes successfully migrated.

    • @tonygil4137
      @tonygil4137 3 years ago +2

      @AllThingsSecured Excellent and thanks again for your help. I just subscribed your channel and I will share it.

    • @FurNaxxYT
      @FurNaxxYT 2 years ago

      Some might see this as a security risk, but I don't mind taking responsibility of my own security: Aegis allows for the exportation and rescanning of your auth tokens. I have a few accounts that are shared and Aegis made it seamless for me to share the auth token

    • @centerpide
      @centerpide 2 years ago

      I am doing the switch right now. It's not as painful as imagined. You will be able to test out your authentication before saving the 2FA setting so that helps.
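
Scanning the same setup QR code into two apps, as described in the reply above, works because the QR code only carries an `otpauth://` URI holding a shared seed, and every code is derived from that seed and the current time (RFC 6238). The Python sketch below is an added example, not part of the original thread or video; the account label, issuer and the second seed are constructed, and the first seed is the RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, unquote, urlparse

# Constructed enrollment URI: what a site's 2FA setup QR code decodes to.
# The seed is the RFC 6238 test key ("12345678901234567890" in base32).
ENROLL_URI = ("otpauth://totp/Example:alice@example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example")
# Constructed URI the site would issue after the old seed is retired.
REENROLL_URI = ("otpauth://totp/Example:alice@example.com"
                "?secret=JBSWY3DPEHPK3PXP&issuer=Example")


def parse_otpauth(uri):
    """Extract the TOTP parameters an authenticator app stores from the QR."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not a TOTP provisioning URI")
    query = parse_qs(parts.query)
    if "secret" not in query:
        raise ValueError("provisioning URI has no secret")
    b32 = query["secret"][0].replace(" ", "").upper()
    b32 += "=" * (-len(b32) % 8)  # apps usually omit base32 padding
    return {
        "label": unquote(parts.path.lstrip("/")),
        "seed": base64.b32decode(b32),
        "digits": int(query.get("digits", ["6"])[0]),
        "period": int(query.get("period", ["30"])[0]),
    }


def totp(account, unix_time):
    """RFC 6238 code (HMAC-SHA1) for the time step containing unix_time."""
    counter = int(unix_time) // account["period"]
    mac = hmac.new(account["seed"], struct.pack(">Q", counter),
                   hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** account["digits"]).zfill(account["digits"])


def verify(account, code, unix_time, window=1):
    """Server-side check, tolerating +/- `window` time steps of clock drift."""
    for step in range(-window, window + 1):
        t = unix_time + step * account["period"]
        if t < 0:
            continue
        if hmac.compare_digest(totp(account, t), code):
            return True
    return False


def demo(now=59):
    phone = parse_otpauth(ENROLL_URI)    # first device scans the QR
    tablet = parse_otpauth(ENROLL_URI)   # second device scans the same QR
    reenrolled = parse_otpauth(REENROLL_URI)  # site after seed rotation
    old_code = totp(phone, now)
    return {
        "phone": old_code,
        "tablet": totp(tablet, now),
        # A copy of the old QR stops working once the site issues a new seed.
        "old_code_after_reenroll": verify(reenrolled, old_code, now, window=0),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```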

  • @brandonkruse6412
    @brandonkruse6412 2 years ago +1

    I have a tattoo of my QR code sketched on my inner-thigh. You know, maximum security so nobody can see my weird search history.

  • @tonyrichengod9280
    @tonyrichengod9280 2 years ago +1

    Very helpful channel. Thank you.
    Subscribed.

  • @speedracer123222
    @speedracer123222 3 years ago +4

    I factory reset thinking I can’t get them so I turn off 2fa temporarily. Well discord didn’t turn it off and I almost lost my account. Luckily I had sms backup on but man not portable is very not fun. I still use google auth but I’m unsure if I trust the other apps.

  • @jonathanr3439
    @jonathanr3439 2 years ago +9

    GA has a “privacy screen” setting, meaning face recognition is instantly required when opening the app, unlocking your phone and (re) opening the already running app, etc.
    Does this not resolve your no password concern for GA?? Seems secure to me.

    • @Dabs_Rulez
      @Dabs_Rulez 2 years ago

      It wasn't there when this video was released but it is now

    • @vmaldia
      @vmaldia 2 years ago

      @Dabs_Rulez sooo the app team listened to criticism and just like space wolf said i acknowledge my mistake and will correct it

  • @Perception_
    @Perception_ 2 years ago +1

    The main reason I switched to Authy is because it saves my info. My recent phone died, and so I downloaded the app on my new phone, and there was everything as it was on my old device. The google app was just completely wiped.

  • @liahonabarraclough4775
    @liahonabarraclough4775 2 years ago +1

    Thank you very much!

  • @foopington
    @foopington 2 years ago +3

    having 2fa codes on your password manager seems like a horrible idea lol

  • @bakasenpaidesu
    @bakasenpaidesu 2 years ago +3

    Google need to add some kinda extra password to the qr so that only one can get the access who knows the password

  • @mrsnlps
    @mrsnlps 2 years ago +1

    Thank you for sharing your knowledge! I used to use Google Authenticator, but now I'm going to switch.

  • @valentinomarshal9496
    @valentinomarshal9496 3 years ago +1

    Hello there, thanks for a very helpful video, I am not a fan of google authenticator too, and that's why I am trying to figure out how can I use Authy as 2FA app and not the google authenticator on Binance, can you please advise how can I do that? thanks

  • @SauI_Goodman
    @SauI_Goodman 3 years ago +3

    hey there man, i agree but the part you were talking about you can't lock the app is not true. many antivirus companies allow app locking which can be done easily but good video

    • @adrenaliner91
      @adrenaliner91 2 years ago

      If you have an antivirus installed on the phone and most have not. I personally stopped using antivirus on android for many years because the only thing what it did is generate traffic and needs a lot of battery, as someone who can see if a website or mail is wrong, blocking ads and cookies and only install well known apps from Play Store an antivirus is just useless.

  • @sheethal_thomas
    @sheethal_thomas 3 years ago +33

    Using Bitwarden with Microsoft Authenticator for years 😊

    • @cocatfan
      @cocatfan 3 years ago +1

      I don't understand the use of any authenticator. How is it different from using Bitwarden which I use?

    • @sheethal_thomas
      @sheethal_thomas 3 years ago +10

      @cocatfan Bitwarden is a password manager mainly and not an authenticator. Yes, it does have TOTP authentication as premium feature. But the purpose of using an authenticator is to use a different device or app for additional verification. A person who can get into your password manager can also see your 2FA code if they are together and totally negates the purpose of 2FA.

    • @twb0109
      @twb0109 3 years ago

      Bitwarden + Microsoft? Like Privacy + Surveillance

    • @jorgemotta8290
      @jorgemotta8290 3 years ago

      @twb0109 if it works well I'm ok with it. I also use both.

    • @twb0109
      @twb0109 3 years ago

      @jorgemotta8290 yeah, people don't care about privacy

  • @thecryptosite9039
    @thecryptosite9039 3 years ago +1

    I feel all these options are slightly less secure than google auth. The only reason you would switch is to protect yourself from yourself. The fact that the codes are gone with the device is a good thing any additional back ups make you vulnerable especially to a SIM swap. Create a phone passcode that nobody knows and then use face ID or touch ID. There is no reason anyone should know your phone PIN code. There will always be a way to regain access to accounts that have google auth on them if you lose access to your google auth app. A decent site would not allow you to enable it without having a secure method of account recovery if you lost access to phone. Coinbase has a system where they verify your identity and re-enable it. Most sites have a back up code generated at the beginning, just store it safely and don't lose it.

  • @precociousowl4399
    @precociousowl4399 3 years ago +2

    thank you sir!

  • @JohnLamjohnlsl
    @JohnLamjohnlsl 3 years ago +6

    the reason I use Google sync is because it is totally off line
    you can back up Google Auth Back up by creating a qr code for a different device to scan
    just go to transfer account -> export account and you can backup the code you need
    (there is a small problem on the if you have too many as the qr code will be very big, the workaround will be splitting the code you need to backup to different group)
    I have been doing this the sync for all 4 of my device
    doing a cloud sync is a no no for me for security reason
    and for the app cannot be lock issue, I mean when you are in a location more then yourself, you should always fully lock you phone before it leave you hand..........

  • @bufordmaddogtannen
    @bufordmaddogtannen 2 years ago +32

    Protip: save the various qr codes together with the security/recovery codes when you set 2FA, you'll be able to scan them on different devices.

    • @AllThingsSecured
      @AllThingsSecured 2 years ago

      Good tip!

    • @levielliott4673
      @levielliott4673 2 years ago +2

      Yeah, I snip the qr code, print that out then add the account to authenticator from that printout just to make sure the hard copy works. Label the paper and keep it somewhere secure with your other important documents. I recently re-flashed my phone and getting my accounts back in authenticator took 3 minutes.

    • @bufordmaddogtannen
      @bufordmaddogtannen 2 years ago

      @@levielliott4673 I use a password manager, but the concept is the same. Instant recovery in case I change phone. 😉

    • @levielliott4673
      @levielliott4673 2 years ago +2

      @@bufordmaddogtannen I use a password manager for passwords but figure the paper backup might be slightly more secure being a different basket to keep the 2fa in. Otherwise if the password manager were to get hacked they'd have my whole world. Same concept that people use for crypto and keeping private keys on paper rather than digitally on an internet-connected device.

    • @bufordmaddogtannen
      @bufordmaddogtannen 2 years ago

      @@levielliott4673 indeed. It's an additional layer of protection. Although I'd not be at ease putting qr codes together with, for instance, electricity bills (there they are unprotected) or in a safe (that's a target).
      Maybe I'll have to hide things under the floor. Like John Wick. 😁🤣

  • @zazzlezzz
    @zazzlezzz 2 years ago

    I use Myki password manager. It comes with built-in 2FA, hence I don’t need an extra app for this. The app is secure (either pin or face id), supports all devices, it’s not subscription based, it’s a one-time payment and most of all, all of my data is stored and synced locally on the devices and you can manually or automatically back up your data. You and only you have access to your data as it’s not stored in a cloud somewhere.
    It’s not perfect, nothing really is, but frankly, I love it

  • @the_mr_p
    @the_mr_p 2 years ago

    Very good video. Best password manager is definitely a sheet of paper 😂

  • @LaviArzi
    @LaviArzi 2 years ago +36

    I don't agree. 2FA is meant to be "something you have".
    Along with that you have the regular which is "something you know". If you have access to your phone, it should be all you need to qualify as the something you have.

    • @Dabs_Rulez
      @Dabs_Rulez 2 years ago +2

      No, authy requires a phone number to set up and then you either get a verification code by text or call to your number to access your app. Then after that you have to enter your backup password to access the accounts. And just so you know backup passwords are never stored by authy meaning if you forget it you can’t recover it. Same for the pin. So authy is still as secure as google authenticator. And plus authy has a better UI than google authenticator

  • @KngSovereign
    @KngSovereign 2 years ago +21

    3:35 - It should be known that Authy doesn't allow access to the seeds for the 2FA codes. This means that if you get locked out of your Authy account (for whatever reason) then you could have to reset your 2FA accounts individually.

    • @NicCrimson
      @NicCrimson 2 years ago +1

      Does 1password have this feature?

    • @mementomori29231
      @mementomori29231 2 years ago +3

      That's fine. Have the seeds backed up to an encrypted container locked in your safe, for worst scenario situations. Should have Authy on several devices. I have Authy on several devices - phone / tablet / PC.
      Once Authy is set up on several devices, turn off multiple device option and no one else can log into your Authy account unless you approve. Super secure and safe.

    • @KngSovereign
      @KngSovereign 2 years ago +1

      @@mementomori29231 how do you have the seeds locked up in a safe if Authy doesn't give access to the seeds?
      Also, I can do everything you just said with every other 2FA app AND STILL have plain text access to the seeds for my codes. 🤷

  • @scifino1
    @scifino1 2 years ago +1

    I use and recommend Aegis Authenticator, which is available through the F-Droid open source app store.

  • @northwest3472
    @northwest3472 2 years ago

    But I’m still interested in switching to something like authy with multi device support. Thanks for the great video

  • @ricp
    @ricp 3 years ago +3

    Authy requires a phone number to set up... that in itself makes it less secure than google authenticator. You can find hacking stories on this on reddit subs. Also, having various 'backup' options in multiple devices might be good for convenience but bad for security. If you use google authenticator properly, i.e. downloading the backup codes as you should for your own security, then there's no need to downgrade to authy

    • @likfrikbik
      @likfrikbik 3 years ago +3

      True. People just don't understand how google authenticator works.
      Using your phone number to set up anything is not secure at all, because of a "sim swap" attack.

  • @LORDxMINECRAFT
    @LORDxMINECRAFT 2 years ago +7

    Hold on a second, this just made me realize that if I lose my phone, I lose access to all my investments. Man, thank you for explaining this. I am switching asap!

  • @krisclem8290
    @krisclem8290 1 year ago +2

    Could use double blind with 1password, make a part of the password that you will remember and type in and don't include that part in the password manager. That way no one will have the complete password making it more secure despite the fact that your 2fa is integrated.

  • @QuantumKurator
    @QuantumKurator 3 years ago +1

    Just curious if you have seen an issue with Authy where certain accounts do not sync between phone and desktop app.

    • @AllThingsSecured
      @AllThingsSecured 3 years ago

      Not me personally, but that doesn't mean it hasn't happened in the past. Either way, ALWAYS keep backup codes when setting up 2FA.

  • @bgtubber
    @bgtubber 3 years ago +12

    4:08 Aren't cloud services also susceptible to hacking? I've seen plenty of news of clouds being breached - Dropbox, Microsoft, Apple iCloud etc. I wouldn't put any important information and files on the cloud without it being encrypted first.

    • @MrFooChops
      @MrFooChops 2 years ago

      More than that I wouldn't even trust those companies themselves with my private information so I wouldn't even use them anyway

    • @lussor1
      @lussor1 2 years ago

      Bitwarden is used by pro-privacy people

  • @leeanucha
    @leeanucha 3 years ago +3

    My phone is always locked so g app doesn't need to

  • @vaiolover1997
    @vaiolover1997 3 years ago

    I opened a Kraken account a few days ago. I didn't realize that they required 2F authentication until tonight or have a Yubi Key to buy/sell. So in order to facilitate the coming trades once my wire is accepted into Kraken, I would use Google authenticator and wait for the Yubi USB to arrive.
    My question: can I switch from Google authenticator to the Yubi USB without any problems? I am not a technical person. Thanks in advance.

  • @acdcrosie
    @acdcrosie 2 years ago

    Yes but the Microsoft Authenticator allows you to lock the app. But for this case we call this not only 2FA but MFA. This means that the app can be one option. There are still more. If the phone is away or the app deleted you are still able to have access. If your e.g. USB Device is broken or lost you have the same problem.

  • @Oneofakind123
    @Oneofakind123 3 years ago +3

    1) I trust a larger company more than a smaller one.
    2) You can export all your codes via QR code to another unit. Even print it for safekeeping.
    3) The fact that there is no app lock is not a deal breaker. 2FA is meant to stop hackers/phishers with no access to the phone.
    4) You have affiliate links

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +1

      1. The bigger they are, the harder they fall.
      2. You can save backup codes when you setup any 2FA, so what's the difference between that and the QR code?
      3. My home security system is supposed to deter thieves, but I still lock my doors. Your point?
      4. My first two recommended options are not affiliate links, and I clearly declare that 1Password is an affiliate link because it's the one I use. Are you implying that this somehow taints my message?

    • @AidenEllis
      @AidenEllis 3 years ago +1

      btw .. you can lock the app with built in app lock feature :>

  • @CRK1918
    @CRK1918 2 years ago +3

    Generally, if you want it to be convenient and easy to use, security will be exposed. Therefore, I generally do not use automatic cloud backup; I back up with my own method (you can back it up with a file, then you have to modify its name, and then upload it to your cloud).
    BTW, I am using the andOTP app, because it is a completely open source application, and it can encrypt your file backups. You also need a pin or password to get in.

    • @cxl520
      @cxl520 2 years ago +2

      Yep, convenience comes with the cause!
      andOTP is great and you can see the source code, so there is no back door for third-party services to get in. All the security is in your own hands!

    • @osamu_90
      @osamu_90 2 years ago

      Security and convenience are always inversely proportionate. If you really want to be secure you shouldn't even use the same device for your password manager and 2FA authenticator and even use physical USB keys (eg. Yubikey) for them, but not many people do that because it's very inconvenient.

  • @echoblades
    @echoblades 1 year ago +1

    Authy is pretty good, but looks a little old style. A set of Bitwarden and Authy is one of the solutions, or the premium version of Bitwarden. It has a built-in authenticator.

  • @ZySteMax
    @ZySteMax 2 years ago

    Your channel is about to skyrocket

  • @marktubeie07
    @marktubeie07 3 years ago +3

    Ok, then why do you still have your video on using Google authenticator on your channel from 7 months ago? Maybe delete it, it's confusing to have both. Cheers.

  • @pptx24
    @pptx24 3 years ago +8

    I use Microsoft authentication and I love it. I can recover my codes.

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +2

      Good deal!

    • @rileynichol1016
      @rileynichol1016 3 years ago

      where do you put in a code? I'm so lost

    • @pptx24
      @pptx24 3 years ago +1

      @@rileynichol1016 Microsoft authentication gives you another code (number) that works like a second password, that code changes every 30 secs so it’s so complicated to hack. You just need to download the app and scan the QR to link the website to secure with Microsoft authentication.

    • @rileynichol1016
      @rileynichol1016 3 years ago

      @@pptx24 ty

    • @gto903
      @gto903 3 years ago

      @@pptx24 what if I only have 1 device?

  • @Kazzzzzo
    @Kazzzzzo 3 years ago +1

    Everyone should print 2FA keys and store them safely and it's OK. No one has access to your phone, so you should lock it with fingerprint, face recognition etc.

  • @groundexlight7850
    @groundexlight7850 2 years ago +1

    I'm using it rn, now how do I delete the app? Do I log out and delete or just delete the app? I'm kinda scared after u have said all this because I use google authenticator a lot

  • @DarienAllen
    @DarienAllen 3 years ago +6

    I dropped Google authenticator last year for that same 2nd reason (no way to backup codes)

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +1

      Yea, it's pretty scary, particularly if you keep your crypto backup codes on Google's app.

    • @shutthegate8232
      @shutthegate8232 3 years ago +1

      and a software shouldn't be so crappy that you need a second/spare phone, just to do an export to google auth on that phone, to put it away as a spare. How crap is that design!

    • @maria-wu7us
      @maria-wu7us 2 years ago

      there is a way though. Print the QR codes on paper and place them somewhere safe :) You could also print the emergency OTPs provided by the accounts that allow you to integrate 2fa. They are meant for scenarios like these :) Since the security risks for all these services are still non-zero, it would still be okay to use services that backup to the cloud though. Just know that they are less secure than using google 2fa.

  • @kpopempire1475
    @kpopempire1475 2 years ago +4

    See, I don't want my 2FA codes syncing to the cloud where hackers can get to it.

  • @user-sw1wq8lh2w
    @user-sw1wq8lh2w 2 years ago +1

    If you're adding 2FA to your desktop app, you're violating 2FA if you also store the password in a password manager on that machine and it is unlocked, same issue on your phone.
    Two factor needs to be two factors of security. Something you know: passcode, something you have: device.

    • @AllThingsSecured
      @AllThingsSecured 2 years ago +2

      You’re speaking of this as if 2FA is some sort of “moral code”. Is keeping your password and your 2FA on different devices a best practice? Absolutely. But what you’re describing still requires something you have (a device) and something you know (a password). In other words, it’s still 2FA. No “violation”.

  • @jimmy21584
    @jimmy21584 2 years ago +2

    I actually came to the same conclusion myself this week, and decided to switch to Authy.

  • @mattisfrommer8564
    @mattisfrommer8564 3 years ago +4

    Do you know OTPAuth? You should give it a try. I think this app is awesome (Only available on iPhones)

    • @AllThingsSecured
      @AllThingsSecured 3 years ago +1

      Thanks for the tip, Mattis! I hadn't used it before. From what I see on the app store, I probably wouldn't use the notification center feature. Do you think it's worth the paid version when others like Authy are free?

    • @mattisfrommer8564
      @mattisfrommer8564 3 years ago

      @@AllThingsSecured Absolutely. On the iPhone it should be free. Only the Mac app must be paid.

    • @mattisfrommer8564
      @mattisfrommer8564 3 years ago

      @@AllThingsSecured I am very satisfied with OTP Auth. It works well.

    • @wtg93
      @wtg93 3 years ago

      I agree, it's a much better option since it's open source. On Android "andOTP" is a great open source 2FA app.

  • @HaimPeretz
    @HaimPeretz 2 years ago +12

    First of all, for the lock you can easily fix this by using an app locker, and in OnePlus and Xiaomi phones it's built in.
    For the backup, you now have options to export the accounts

    • @Ingram091
      @Ingram091 2 years ago

      Exactly!

    • @harshkazama4289
      @harshkazama4289 2 years ago +2

      Nah

    • @hanszimmer121
      @hanszimmer121 2 years ago

      Ty , I have OnePlus and worked for me. But I have a question how it will happen when hackers have control over your phone, they can see what your password is or what?

  • @paulthecaffeinated7549
    @paulthecaffeinated7549 2 years ago +1

    It would have been interesting to hear how you migrated your keys to the other apps! Are you better than most of us at backing up your keys, or did you somehow export them from Google after all? How do you advise normal users to do this?

    • @huntermcclovio4517
      @huntermcclovio4517 2 years ago +4

      DO NOT LISTEN TO THIS GUY!! First of all you can password secure your phone with a password or a pin to block anyone from accessing your google authenticator. Second, yes you can make a backup with the key given to you when setting up the authentication procedure. Third, install the google authenticator on an airgapped used (old) cell phone for better security, DO NOT INSTALL ON MULTIPLE DEVICES!! You expose yourself and your keys!! And last and very important, do not back up to your cloud; if anyone gets to your SIM card or calls the telephone company to get your SIM card replaced they will have access to your cloud and all your apps including your authenticators. VERY IRRESPONSIBLE VIDEO!!

  • @Pramanshu
    @Pramanshu 3 years ago +2

    I am using the Microsoft Authenticator app on Android, and I accidentally deleted the app from my phone.
    When I log in to the same account with the 'Already have account Begin recovery.' option, I don't get any of the previously added 2FA accounts of other social media accounts.
    The backup and sync option was enabled.
    I didn't find any article or video tutorial for this. Is there any way to recover those backups?
    Please help

    • @garyoak4175
      @garyoak4175 2 years ago +1

      Microsoft Authenticator is garbage and microsoft has been leaking client info since 2005 due to bad opsec.