SandbagTiara2816@lemmy.dbzer0.com to Technology@lemmy.worldEnglish · 4 months agoAuthy got hacked, and 33 million user phone numbers were stolenappleinsider.comexternal-linkmessage-square178fedilinkarrow-up1740arrow-down17cross-posted to: privacy@lemmy.world
arrow-up1733arrow-down1external-linkAuthy got hacked, and 33 million user phone numbers were stolenappleinsider.comSandbagTiara2816@lemmy.dbzer0.com to Technology@lemmy.worldEnglish · 4 months agomessage-square178fedilinkcross-posted to: privacy@lemmy.world
minus-squareScrollone@feddit.itlinkfedilinkEnglisharrow-up4·4 months agoAlso, Google Authenticator now supports backup. Aegis is another free alternative.
minus-squareaard@kyu.delinkfedilinkEnglisharrow-up3·4 months agoAnd as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.
minus-squareScrollone@feddit.itlinkfedilinkEnglisharrow-up2arrow-down1·4 months agoIt’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)
minus-squareTodd Bonzalez@lemm.eelinkfedilinkEnglisharrow-up1·4 months agoProtip: Don’t do any of this, unless you hate your accounts being secure. An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.
Also, Google Authenticator now supports backup. Aegis is another free alternative.
And as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.
It’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)
Protip: Don’t do any of this, unless you hate your accounts being secure.
An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.