@[email protected] to [email protected]English • 4 months agoAuthy got hacked, and 33 million user phone numbers were stolenappleinsider.comexternal-linkmessage-square186fedilinkarrow-up1738arrow-down16cross-posted to: [email protected]selfhostedtechnology
arrow-up1732arrow-down1external-linkAuthy got hacked, and 33 million user phone numbers were stolenappleinsider.com@[email protected] to [email protected]English • 4 months agomessage-square186fedilinkcross-posted to: [email protected]selfhostedtechnology
minus-square@[email protected]linkfedilinkEnglish4•4 months agoAlso, Google Authenticator now supports backup. Aegis is another free alternative.
minus-squareaardlinkfedilinkEnglish3•4 months agoAnd as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.
minus-square@[email protected]linkfedilinkEnglish1•4 months agoIt’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)
minus-squareTodd BonzalezlinkfedilinkEnglish1•4 months agoProtip: Don’t do any of this, unless you hate your accounts being secure. An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.
Also, Google Authenticator now supports backup. Aegis is another free alternative.
And as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.
It’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)
Protip: Don’t do any of this, unless you hate your accounts being secure.
An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.