Authy got hacked, and 33 million user phone numbers were stolen (appleinsider.com)
Posted by SandbagTiara2816@lemmy.dbzer0.com to Technology@lemmy.world · English · 5 months ago
cross-posted to: privacy@lemmy.world, selfhosted@lemmit.online, linustechtips@lemmit.online, technology@lemmit.online

Scrollone@feddit.it · 5 months ago
Also, Google Authenticator now supports backup. Aegis is another free alternative.

aard@kyu.de · 5 months ago
And as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more than one company had breaches where authenticator seeds extracted from a Google account were used to bypass 2FA.

Scrollone@feddit.it · 5 months ago
It’s completely optional to connect a Google account. You can always back them up using the QR code (just take a picture with another device)

Todd Bonzalez@lemm.ee · 5 months ago
Protip: Don’t do any of this, unless you hate your accounts being secure.
An encrypted backup, and a stash of recovery codes for important accounts is the most secure way.