Just use something like 2FAS app which allows you to backup and encrypted file and even save to google drive. 2FAS also has biometric and PIN locking which google authenticator does not.
I put Google Authenticator on an old phone. Even though the old phone (Samsung Galaxy S6) does not have service anymore, the authenticator still works. I keep this phone in my safe at home.
I am not too proud to admit that "smart" phones are one area that has always been quite beyond me, in great part because manufacturers attach precious little importance to providing proper, comprehensive instructions. Surely I'm not the only one? Perhaps you would consider "branching out" into that mysterious form of communication?
I hate the fact that, in order to use it, I have to have my phone with me. When I am working at my deskstation, at home, I do not tend to have my phone nearby. I prefer to receive a text, which I can access, from my PC.
I wrote some Perl code to spit out my TOTP auth codes, and I keep the secrets in an encrypted file on my PC. That way, I don't need access to my phone to successfully auth with TOTP. Receiving texts is unsafe. If someone hijacks your SIM card, they can get access to your verification codes.
If you put all these in your "Screenshots", or whatever, folder, how do you tell the difference between them? Isn't there a different QR code for each site, e.g., Fidelity, Citibank? Wouldn't you want to name your snip by the site name? Of course, this gives bad guys a road map, but we're assuming your using encryption or other protection.
How do you know Google will continue to allow a user to set up 2FA a second time on the same QR code? It seems insecure that they even allow using a QR code twice.
I have 23 accounts set up in Authy app. Do you expect me to turn off 23 accounts 2FA , then create new QR for each account and then save 23 QR codes . ??
That's almost exactly what I'm doing, albeit very very slowly. (I'm also moving away from Authy since they're discontinuing the desktop app.) But the video is more a reminder of what to do the next time you set up 2FA.
You can. The point here is, what if you lose the device on which you have Authy (or whatever 2fa app you use)? By saving the QR code or text string as outlined in this video, you can get a new/different device, install a new 2fa app and re-create your credentials more easily.
@libbyd1001 as Leo pointed out some time ago, Authy can be retrieved on another device without the original device. Refer to his last overseas trip when he lost his phone. At that time he recommended Authy because Google failed.
Use Acronis to clone the drive. (or similar software). You'd need a source drive and target drive; the target would need to be equal to or larger in capacity than the source
Most good authenticator apps let you export the secrets. For example, Google's app will let you export it as a QR code; you can take a picture of that and it becomes your backup.
@@askleonotenboom I don't get it: isn't the suggestion that one has a copy of the actual app settings? I see no way of copying these in the Google app so if I lose my phone (actually unlikely since I rarely carry it, but however!) I'v got no way of retrieving the use of it on another phone.
@@Wol747 This is something you do when you first setup 2FA. If your app doesn't allow export (as many do not), then you need to turn off 2FA, and turn it on again to capture the new code.
Just use something like 2FAS app which allows you to backup and encrypted file and even save to google drive. 2FAS also has biometric and PIN locking which google authenticator does not.
I think it is clever to save 2fa keys to separate keepass vault. It’s nice to know that I am not alone 😊
That’s exactly what Authy lets you do as a built-in backup feature.
If you must print codes - clear print memory if on shared printer
I believe google now does a cloud backup of the codes.
I put Google Authenticator on an old phone. Even though the old phone (Samsung Galaxy S6) does not have service anymore, the authenticator still works. I keep this phone in my safe at home.
Until you go to turn it on when you need it and the screen has died...
@@regwatson2017 I have more than one phone in the safe that has Google Authenticator on it.
I am not too proud to admit that "smart" phones are one area that has always been quite beyond me, in great part because manufacturers attach precious little importance to providing proper, comprehensive instructions. Surely I'm not the only one? Perhaps you would consider "branching out" into that mysterious form of communication?
I hate the fact that, in order to use it, I have to have my phone with me. When I am working at my deskstation, at home, I do not tend to have my phone nearby. I prefer to receive a text, which I can access, from my PC.
I never use my phone for this, as it is extremely rare I would browse on the phone
Sms is boring 😂 not all sms are available on PC, some services are blocking an access to SMS on PC if there is a passcode sent in sms
@@purgalimited What does boring have to do with it? I don't think security is a game.
I wrote some Perl code to spit out my TOTP auth codes, and I keep the secrets in an encrypted file on my PC. That way, I don't need access to my phone to successfully auth with TOTP.
Receiving texts is unsafe. If someone hijacks your SIM card, they can get access to your verification codes.
Thanks!
Thank you!
If you put all these in your "Screenshots", or whatever, folder, how do you tell the difference between them? Isn't there a different QR code for each site, e.g., Fidelity, Citibank? Wouldn't you want to name your snip by the site name? Of course, this gives bad guys a road map, but we're assuming your using encryption or other protection.
I happen to use different folders, but one way or another, yes, you need to identify which service the code belongs to.
How do you know Google will continue to allow a user to set up 2FA a second time on the same QR code? It seems insecure that they even allow using a QR code twice.
Google even has a nasty habit of dropping support for existing products... so I'm holding out on 2FA until it becomes more mainstream.
They don't know you set up a second (or third or whatever) device. That's all happening on the device only.
@@askleonotenboom
Hummm, I see
There's no way Google can tell which 2FA device you're using.
@@raylopez99 2FA in the form this video describes is standardized and used by many, many web sites. You really should be using it.
I put my QR screen shots and codes on a thumb drive. So they are save
Not so secret when many apps have access to your photos.
I have 23 accounts set up in Authy app. Do you expect me to turn off 23 accounts 2FA , then create new QR for each account and then save 23 QR codes . ??
That's almost exactly what I'm doing, albeit very very slowly. (I'm also moving away from Authy since they're discontinuing the desktop app.) But the video is more a reminder of what to do the next time you set up 2FA.
@@askleonotenboom Which Authenticator app do u recommend now ???
Why not just use Authy?
You can. The point here is, what if you lose the device on which you have Authy (or whatever 2fa app you use)? By saving the QR code or text string as outlined in this video, you can get a new/different device, install a new 2fa app and re-create your credentials more easily.
@libbyd1001 as Leo pointed out some time ago, Authy can be retrieved on another device without the original device. Refer to his last overseas trip when he lost his phone. At that time he recommended Authy because Google failed.
I also have another article in the pipeline: authy's desktop version is going away.
Are you sure the QR code and text code are guaranteed to be valid indefinitely?
@@pipe2devnull Nothing is EVER guaranteed in this world, especially tech. But it'll work as long as the (lost) 2FA device would have kept working.
what about microsoft authenticator? is there a similar thing?
this technique works with all Google Authenticator compatible apps, of which the MS authenticator is one.
Please make a video on How to clone a Window 11 Operating system to a USB
Use Acronis to clone the drive. (or similar software).
You'd need a source drive and target drive; the target would need to be equal to or larger in capacity than the source
But do I find the QR or text code if I already have my authenticator app set on my phone to do what you suggest, ie keep a copy as a-backup?
You can't. That's why you have to turn 2FA off, and then turn it back on again to get a new code.
Most good authenticator apps let you export the secrets. For example, Google's app will let you export it as a QR code; you can take a picture of that and it becomes your backup.
I@@dfs-comedy I've got the Google authenticator and if it"s got a way of doing that it's well hidden!
@@askleonotenboom I don't get it: isn't the suggestion that one has a copy of the actual app settings? I see no way of copying these in the Google app so if I lose my phone (actually unlikely since I rarely carry it, but however!) I'v got no way of retrieving the use of it on another phone.
@@Wol747 This is something you do when you first setup 2FA. If your app doesn't allow export (as many do not), then you need to turn off 2FA, and turn it on again to capture the new code.