Authy got hacked, and 33 million user phone numbers were stolen - eviltoast
  • aard@kyu.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    6 months ago

    And as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.

    • Scrollone@feddit.it
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      6 months ago

      It’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)

      • Todd Bonzalez@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        Protip: Don’t do any of this, unless you hate your accounts being secure.

        An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.