My experience with Multi-Factor Authentication applications

Thomas Zucker-Scharff
Veteran in computer systems, malware removal and ransomware topics.  I have been working in the field since 1985.
There is a lot to be said for protecting yourself and your accounts with 2-factor authentication.  I found, to my own chagrin, that there is a big downside as well.

Why Use Multifactor Authentication?

I have been a big proponent of multi-factor authentication for quite a long time.  I believe that using 2FA (Two-Factor Authentication) adds an extra layer of security that we all need.  I use 2FA on as many sites as I can, as well as installing it on my own blog.  My logic is fairly straightforward.  If someone tries to hack into my accounts, they may be able to get at my username and password, but unless they wish to take my phone away at the same time, they are unlikely to be able to hack my accounts (now that I have said that, I'll most likely be hacked).


Authy and Authenticator

I switched from Google's Authenticator app to Authy so that my 2FA tokens would be backed up in the cloud.  In this way I wouldn't have to go through disabling all my 2FA accounts when I switched phones.  This was a real draw.  I was easily able to switch applications.  I created a backup password that I would need to use in order to decrypt the Authy tokens when I changed phones.  Every so often Authy would prompt me to enter my backup credentials to make sure I would remember them.  After a while I fell into the trap of ignoring this message, dismissing it without entering the password.


Disaster strikes!

Everything was running along smoothly until recently, when I had to get a new phone.  My phone was run through the clothes washer - it was very clean, but would not turn on (I didn't even try until I had left it overnight, buried in rice).  So off to the store to buy a new phone I went, and ended up with a Samsung Galaxy S8.  Almost everything was able to download to the new device, except that I had to put in all the new settings (still not finished).  That is when I discovered I was unable to access my Authy tokens, because I had forgotten the backup password.  Authy support, although very understanding, couldn't help because they don't store the backup passwords in plain text.


I was eventually able to get into all my accounts, and either disable and re-enable 2FA, or use a different token to gain access and change the 2FA code.  I would like to put these tokens in Authy again, but so far I have been unable to delete my account in order to do so.  Right now they reside in the Google Authenticator app where they are not being backed up, although I did generate a new set of recovery codes in case I am unable to get access to my phone.


UPDATE: I was finally able, with the help of Authy support, to delete the encrypted Authy tokens and create new ones. I now have the backup password stored in a safe place.


The takeaway:

So the question most people ask now is "If it is so much trouble, why do it at all?"  The answer is easy.  If you don't use multi-factor authentication you could have your email, and other accounts, more easily compromised and become another John Podesta.  Yes, two-factor authentication does involve another step.  Yes, it does involve some setting up to begin with. But you have to ask yourself one simple question: what is "not getting hacked" worth to you? For instance, is it worth a little setup time and a fairly short delay when logging in?  I believe the answer has to be Yes.

