![]() ![]() And the biometric 2FA for services that support it (so far, I’ve only seen it used with certain corporate MSFT services) are a nice cherry on top. ![]() Your phone got stolen or heavily damaged. Note: I know Authy exists and had this functionality of cloud syncing 2FA keys between logged in devices for years, but for some irrational reason i was sticking with the “simpler is better, and i somehow trust google more with this one”, but luckily, I trust MSFT with my 2FA no less than i would google, perhaps even moreso. On Google Auth and any other service using TOTP provides you the time-based tokens, but they understand the possibility of losing the device or not being able to access the codes. That would still not solve the problem of manual transfer and disabling/re-enabling 2fa for every single service, but that would be much better than losing the device. Prior to this, i was seriously considering getting a cheap backup phone to which i set up all the 2fa codes simultaneously with my main phone, then put that cheap phone in a bank cell/safe/etc., and then rely on it in case something happens to my main phone. No more stressing about something happening to my phone, as long as i have my (single) primary recovery key stored on a piece of paper somewhere safe (as opposed to having a paper recovery key for every 2fa service i use). nodejs otp browser two-factor hotp authenticator hmac google-authenticator two-factor-authentication 2fa one-time-passwords Updated TypeScript ente-io / auth Star 997. Microsoft Authenticator solves both of those problems, as they have recently (less than a year ago iirc) added a “backup to cloud” feature. One Time Password (OTP) / 2FA for Node.js and Browser - Supports HOTP, TOTP and Google Authenticator. If i upgrade phones? I have to disable and re-enable 2FA on my new phone manually for every single service I use. Create and verify cryptographically secure Time-based One-time Passwords (TOTP) using the HMAC-based One-time Password (HOTP) algorithm. If i store my 2FA in google authenticator and something happens to my phone? I am in a world of serious pain. From Facebook to Crypto trading platforms like WazirX, all have options of using a TOTP with apps like Microsoft /Google Authenticator. Google Authenticator app supports both Time-based One-Time Password (TOTP) and HMAC-based one-time password (HOTP) OTP generation algorithms, which allows using it with more resources. Why? I have already mentioned it in other comments before, and it is due to Google’s insistence on not implementing recovery from backup. The use of TOTP or Time-based OTPs is slowly rising. For me personally, Microsoft Authenticator started ruling as well recently, after 5+ years with Google Authenticator. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |