In a world riddled with data breaches, having a strong password isn’t always enough to keep your personal and financial information safe. That’s why security experts recommend safeguarding your accounts with another layer of defense, namely multifactor authentication (aka two-factor authentication). But many people who use multifactor authentication (MFA) might not be using it in the most secure way, according to security professionals.

When you turn on MFA, which is available for financial sites, social media sites, and many others, you need a second factor in addition to your password to log in. That way, if a hacker gets your password, they still won’t be able to access your account.

Probably the most common way to use MFA is to have the site send you a text message with a code that you enter into a pop-up box.

But many security experts say there’s a better option: switching to an authentication app, which uses an algorithm linked to your device to continually generate numerical codes that expire every 30 seconds.

Unlike authentication apps, text messages rely on your phone number, which is more vulnerable to criminal attack. A determined attacker may persuade a phone company to redirect someone else’s phone number to a new SIM card on their own device in what’s called SIM swapping or SIM jacking. Then they can intercept messages directed to that phone number.

“SIM swapping is obviously a risk,” says Leigh Honeywell, CEO and co-founder of Tall Poppy, a social venture that builds tools and services to help companies protect their employees from online harassment and abuse. “The issues that come up more often are going to be you lose your job and your phone gets cut off, or you’re on a family plan and you have a conflict with a family member who is the administrator of the plan,” she says. “There are a lot of ways that phone numbers end up being a very brittle part of the security ecosystem that go way beyond the very sharp end of the spear that is SIM swapping.”

And MFA based on text messaging is inaccessible if you don’t have a phone signal because, for instance, you’re traveling internationally.

To set up multifactor authentication using an app, you download the app, then use a browser on your desktop or laptop computer to go to each of your online accounts. You’ll typically have to scan a QR code with the camera on your phone. Then the app will generate and keep track of your tokens, the temporary codes for each account.

When you need to log in to an account, you enter your password, then open the authentication app to get the code you need to enter for MFA. (These are also referred to as time-based one-time passwords, or TOTP, because they change every 30 or 60 seconds.)

The following apps have a good reputation among security experts, though individual experts have their personal favorites. You can also use a password manager for MFA, as described below.

Here is just a short list of TOTP apps that I consider better than Google Authenticator:

What’s In The Google Authenticator Export QR Code?

What’s inside the export QR code looks like this:

otpauth-migration://offline?data=CkoKDZePmX7z8qHgFlH9yVcSIlRoaXNfaXNfYW5fRXhhbXBsZTplbWFpbEBlbWFpbC5jb20aD0V4YW1wbGVfV2Vic2l0ZSABKAEwAhABGAEgAA%3D%3D

What it basically means is that this string of text is OTP migration, and all your data is inside the gibberish of letters and numbers. The Google Authenticator app or Aegis app can read this data and import your codes (10 at a time) at any time and without the need of an internet connection.

The Google Authenticator app will only export 10 accounts at a time when you export. So if you have 32 accounts inside your Google Authenticator app you will have 4 QR codes: 3 will cover accounts 1 to 30 and the 4th will hold the last 2. Google is not open about why it imposes this limit, but it seems obvious that it is because of the character limit QR codes have. You can only fit so much data inside the QR code, and limiting it to 10 is a safe number.

When setting up 2FA that uses Google Authenticator, it’s best to avoid using Google Authenticator altogether and use Authy, Aegis, 2FAS, or any other TOTP 2FA app instead.

An even better idea: when you see the QR code to scan for Google Authenticator, simply print that page out. The QR code you see when setting up Google Authenticator can be read by any TOTP 2FA app, and it does not expire. Take that printed-out page with the QR code and keep it somewhere safe in your home.
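The otpauth-migration export string quoted on this page is URL-encoded base64 wrapped around a protobuf message, so the account names and TOTP secrets in it are encoded, not encrypted. The Python decoder below is an added example, not code from the original page or from Google; the protobuf field numbers and enum values are assumptions taken from community-published descriptions of the export format.

```python
import base64
from urllib.parse import parse_qs, urlparse
# URI as quoted on the page; field numbers and enum values are assumed (community schemas).
EXPORT_URI = ("otpauth-migration://offline?data=CkoKDZePmX7z8qHgFlH9yVcSIlRoaXNf"
              "aXNfYW5fRXhhbXBsZTplbWFpbEBlbWFpbC5jb20aD0V4YW1wbGVfV2Vic2l0ZSABKAEwAhABGAEgAA%3D%3D")
ALGORITHMS = {1: "SHA1", 2: "SHA256", 3: "SHA512", 4: "MD5"}
DIGITS, TYPES = {1: 6, 2: 8}, {1: "HOTP", 2: "TOTP"}
BATCH_FIELDS = {2: "version", 3: "batch_size", 4: "batch_index", 5: "batch_id"}

def read_varint(buf, pos):
    """Decode one protobuf varint at pos; return (value, next_pos)."""
    result = 0
    for shift in range(0, 70, 7):  # a varint is at most 10 bytes
        byte, pos = buf[pos], pos + 1
        result |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return result, pos
    raise ValueError("varint too long")

def parse_fields(buf):
    """Yield (field_number, value) for varint and length-delimited fields."""
    pos = 0
    while pos < len(buf):
        tag, pos = read_varint(buf, pos)
        if tag & 7 not in (0, 2):
            raise ValueError(f"unexpected wire type {tag & 7}")
        value, pos = read_varint(buf, pos)  # the value itself, or a byte length
        if tag & 7 == 2:
            if pos + value > len(buf):
                raise ValueError("truncated field")
            value, pos = buf[pos:pos + value], pos + value
        yield tag >> 3, value

def decode_export(uri):
    """Return (accounts, batch_info) decoded from an otpauth-migration URI."""
    if not uri.startswith("otpauth-migration://"):
        raise ValueError("not an otpauth-migration URI")
    data = parse_qs(urlparse(uri).query)["data"][0].replace(" ", "+")
    accounts, batch = [], {}
    for field, value in parse_fields(base64.b64decode(data)):
        if field != 1:  # batch bookkeeping, not an account
            batch[BATCH_FIELDS.get(field, field)] = value
            continue
        p = dict(parse_fields(value))  # one exported account
        accounts.append({"name": p.get(2, b"").decode(), "issuer": p.get(3, b"").decode(),
                         "secret_b32": base64.b32encode(p.get(1, b"")).decode().rstrip("="),
                         "algorithm": ALGORITHMS.get(p.get(4)), "digits": DIGITS.get(p.get(5)),
                         "type": TYPES.get(p.get(6))})
    return accounts, batch
```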