Bye Bye Google Authenticator
Are you still using Google Authenticator? I was, but a few months ago I migrated everything off it. Google Authenticator has no backup, no device sync, and no recovery option if you lose your phone.
If you use 2FA (2-factor authentication) on your important sites (you should be!) then you can lose access to all of them at once if you lost your phone. The only solution is to backup the seed key when you set up the account (the key or the QR code) or have backup codes for each site. Many services that use 2FA do not offer backup codes and many only offer the QR code without the text code for easy backup.
One thing I don't think a lot of people know is that 1Password supports one-time passwords that are compatible with Google Authenticator. These are stored with AES256 encryption in your wallet storage, and can be synced across any device (mobile or desktop, and now even Linux).
Unfortunately, the one-time password support isn't very intuitive but it is extremely effective. 1Password is available as an online service or stand alone. Data is encrypted on your device prior to being transmitted to the cloud or whatever service you use to sync your devices (typically Dropbox if not using their online service).
1Password is the most open and transparent company about their security practices and has proven to be more secure than popular alternatives like LastPass and Roboforms.
How do you use one-time passwords in 1Password?
You will need to edit a Login for a website inside of the 1Password app or on the mobile app. Go into the section where you can set up labels and new fields.
In the new field section type in
one-time password and you will see a new icon on the right side show up.
Click on that, and then go to one-time password
You will then get another icon to scan the one-time password.
I find adding new one-time passwords best from mobile as you can easily scan the code.
On a desktop, though you can use the clipboard screenshot of the QR code or from a file.
Just save it, and you are done.
When you go to fill in a login form, there will be a new option for one-time password.
This is synced to all devices you use 1Password on and is also encrypted. You are no longer dependent on device and you have real-time backups of your 2FA keys.
I know Authy does this as well but it is also tied to a phone number, cell phones are really bad 2FA devices as it is very easy to social engineer the provider to clone a SIM. It only takes 1-2 attempts to get an employee that would be happy to clone a third party SIM without proper authorization.
Any service that uses SMS as a second factor is doing you a disservice and are putting you at risk.
Witness & Administrator of four full nodes
My recent popular posts
The truth and lies about 25% curation, why what you know is FAKE NEWS
WTF is a hardware wallet, and why should you have one?
GINABOT - The Secret to your Sanity on Steemit
How to calculate post rewards
Use SSH all the time? Time for a big boy SSH Client
How to change your recovery account
How curation rewards work and how to be a kick ass curator
Markdown 101 - How to make kick ass posts on Steemit
Work ON your business, not in your business! - How to succeed as a small business
You are not entitled to an audience, you need to earn it!
How to properly setup SSH Key Authentication - If you are logging into your server with root, you are doing it wrong!
Building a Portable Game Console