ugh when your phone dies your authenticator accounts die with it, that’s a nuisance.

Authy stores your authenticator codes in the cloud, which seems like an unacceptable security risk until you have a phone die with no way of restoring from backup and it took all your 2FA codes with it.

If you’re using Google Authenticator, I recommend Authy with a complex passphrase instead unless you’re Snowden-level paranoid.

Back when I used Google Authenticator, I put TOTP on as few accounts as possible precisely because I was worried about the lack of backups.

Then I learned about andOTP, and now I put TOTP on everything that allows it and keep an export file in my backups. The password on the export file is a bunch of gibberish kept in a KeePass vault.

(*SMS* verification, however, is still bullshit.)


#reply via reblog #recs #Brin owns *two* 2010’s computers now #101 Uses for Infrastructureless Computers #amnesia cw?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.