@SandbagTiara2816@lemmy.dbzer0.com to Technology@lemmy.worldEnglish • 3 months agoAuthy got hacked, and 33 million user phone numbers were stolenappleinsider.comexternal-linkmessage-square185fedilinkarrow-up1741arrow-down16cross-posted to: privacy@lemmy.world
arrow-up1735arrow-down1external-linkAuthy got hacked, and 33 million user phone numbers were stolenappleinsider.com@SandbagTiara2816@lemmy.dbzer0.com to Technology@lemmy.worldEnglish • 3 months agomessage-square185fedilinkcross-posted to: privacy@lemmy.world
minus-square@Scrollone@feddit.itlinkfedilinkEnglish4•3 months agoAlso, Google Authenticator now supports backup. Aegis is another free alternative.
minus-squareaardlinkfedilinkEnglish3•3 months agoAnd as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.
minus-square@Scrollone@feddit.itlinkfedilinkEnglish1•3 months agoIt’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)
minus-squareTodd BonzalezlinkfedilinkEnglish1•3 months agoProtip: Don’t do any of this, unless you hate your accounts being secure. An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.
Also, Google Authenticator now supports backup. Aegis is another free alternative.
And as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.
It’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)
Protip: Don’t do any of this, unless you hate your accounts being secure.
An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.