Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Take the pain out of two-factor authentication with an app

Glenn Fleishman | Oct. 31, 2014
Increasingly, online services are requiring two-factor authentication instead of simple old passwords. Too bad that authentication can be such a hassle. Here's how to make it easier.

Drawbacks
The key problem with these auth apps? Losing the keys that lets you generate the codes! I found this out the hard way after first using Google Authenticator and having to restore my phone. Even though I had a full backup, Authenticator does not save keys in a way that can be restored, even with a full iTunes password-protected iOS backup. You have to re-enter your keys.

Authy prevents this problem by syncing data among devices registered to the same account and backs up the keys and other settings in the cloud. This is convenient, and imposes remarkably little additional, even should their security measures somehow be overcome. Because you are syncing only a single factor--another advantage of 2FA. (Someone could conceivably recover your Authy password, but then they'd need one of your trusted devices, too, which you could protect with a separate PIN or fingerprint. The odds of that wind up being pretty slim.)

Regardless of Authy, you need to make sure you have a separate backup plan. Depending on the service you use, you'll be offered a recovery code, one-time login codes, or a way to store the initial key. Make sure and encrypt those so that someone gaining access to one password or your computer wouldn't be able to access your 2FA recovery details, too! I use Yojimbo and 1Password, both of which have strong encryption options, and I have picked unique, strong passwords.

If you've been delaying turning on 2FA because of the fuss, I hope that these authentication apps will give you the confidence to add another factor. It feels like swallowing your medicine, but it's surest way to increase your personal security immunity--not perfectly, but a solid bump up--and keep your accounts to yourself.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.