Authy got hacked, and 33 million user phone numbers were stolen - eviltoast
  • Scrollone@feddit.it
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 months ago

    Also, Google Authenticator now supports backup. Aegis is another free alternative.

    • aard@kyu.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      6 months ago

      And as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.

      • Scrollone@feddit.it
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        6 months ago

        It’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)

        • Todd Bonzalez@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          Protip: Don’t do any of this, unless you hate your accounts being secure.

          An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.