Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


3039 posts

Uber Geek
+1 received by user: 745


Topic # 198687 19-Jul-2016 09:46
Send private message

I've not yet found the time to switch to using 2FA, but reading some posts here reminded me it's time to get around to getting this sorted for at least some key sites.

 

Are there any particular reasons why I should select Authy over LastPass Authenticator? I'm already a LastPass Premium user, but not sure if this in itself is reason enough for me to use it.

 

I'm assuming I can use Authy to require 2FA for accessing LastPass? (Given that's my biggest vulnerability, so being able to do so is a critical factor.)

 

I understand that one needs to always have access to a phone to be able to use LastPass Authenticator, whereas Authy can work if need by solely via a browser (certainly a tick for Authy). I'm assuming, though, that LastPass Authenticator does at least back up to the cloud? If so, at least this doesn't have the huge limiting factor of Google Authenticator in that you're fairly screwed if you lose your device.

 

Any reasons as to why one is preferable to the other (and whether there are benefits from using LastPass' product, given I use its password management) most welcome!

 

Thanks.


Create new topic
BDFL - Memuneh
61305 posts

Uber Geek
+1 received by user: 12044

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1595105 19-Jul-2016 15:36
One person supports this post
Send private message

If you have LastPass already then is one less app to install - keep using it. In my case I use Authy and LastPass, simply because I adopted 2FA wherever possible way before LastPass brought their own implementation.







3039 posts

Uber Geek
+1 received by user: 745


  Reply # 1595330 19-Jul-2016 22:06
Send private message

 

 

Thanks for the advice; I've followed it, and enabled 2FA in LastPass. This went without any problems, so it's functioning fine on my phone, but...

 

The problem is I share a LastPass account with my wife; we also share the laptop with a single login (queue the howls of disapproval!). It seems that Lastpass Authenticator can't be set up to access the same LastPass account on more than one device. Hence, if it's on my phone, my wife can't have it on hers, which kinda makes it unworkable for us. 

 

Are there any ways around this?

 

I came across the ability to use the same Google Authenticator account on multiple devices (one option was simply printscreening the QR code and scanning it on each device - this doesn't work with Lastpass).

 

I also see that Authy's not listed as one of the supported options for LastPass (whereas Google Authenticator is), so Authy's no use given my key desire is to provide 2FA for LastPass!

 

Despite the heavy criticism of Google Authenticator, is my best bet to try this?

 

Thanks for any further advice... 


BDFL - Memuneh
61305 posts

Uber Geek
+1 received by user: 12044

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1595333 19-Jul-2016 22:08
One person supports this post
Send private message

Wherever your read Google Authenticator you can replace with Authy. They are the same and Authy offers true sync between devices.

 

I use Authy is 2FA for my LastPass account. If LastPass doesn't work in that situation then you might have to revise the adopted solution.







3039 posts

Uber Geek
+1 received by user: 745


  Reply # 1595339 19-Jul-2016 22:13
Send private message

freitasm:

 

Wherever your read Google Authenticator you can replace with Authy. They are the same and Authy offers true sync between devices.

 

I use Authy is 2FA for my LastPass account. If LastPass doesn't work in that situation then you might have to revise the adopted solution.

 

 

Well, if you say Google and Authenticator and Authy are essentially interchangeable, I'll give it a go trying to secure LastPass with Authy (selecting Google as the option). It's worth trying anyway, unless there's a flaw to that plan? Thanks for this.


BDFL - Memuneh
61305 posts

Uber Geek
+1 received by user: 12044

Administrator
Trusted
Geekzone
Lifetime subscriber

Stu

Hammered
5066 posts

Uber Geek
+1 received by user: 1067

Moderator
Trusted
Lifetime subscriber

  Reply # 1595345 19-Jul-2016 22:21
Send private message

I also use Authy. As mentioned above, use it anywhere Google Authenticator is mentioned. Lastpass for passwords and Authy for 2FA is a good combination, for me anyway.




Keep calm, and carry on posting.

 

 

 

Click to see full size Click to see full size




3039 posts

Uber Geek
+1 received by user: 745


  Reply # 1595353 19-Jul-2016 22:42
Send private message

Thanks so much, guys - got Authy working on both our mobiles and the iPad! Now to get 2FA enabled for other sites other than LastPass, eg Google, Microsoft etc... 




3039 posts

Uber Geek
+1 received by user: 745


  Reply # 1595427 20-Jul-2016 08:29
Send private message

One question that hopefully someone can answer: is there any trick to forcing the Authy app to sync across any devices logged into the same account?

 

After adding a Google account on the iPad, I went to authenticate using Authy on my phone, only to find it wasn't there. Went back to the iPad and used that to authenticate; only after that did that Google account show up in Authy on my phone. I see that other accounts I set up on the iPad (but have not actively used since setting up) are still not visible on the other devices.

 

Is it that, until an account is used on the device it was initially loaded, it will not be synced across any other device? Or is there something I'm doing wrong or a setting I cannot find?

 

I've not been able to find any advice regarding this on the web, which may just reflect my white belt in Google-fu. Thanks for any ideas.


BDFL - Memuneh
61305 posts

Uber Geek
+1 received by user: 12044

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1595431 20-Jul-2016 08:34
Send private message

Have you enabled multi-device?

Authy is a bit leggy on replicating accounts but they get there. You don't want to add an account, remove and then add again because this will cause problems as Authy archives the account for 48 hours before removing it forever.






3039 posts

Uber Geek
+1 received by user: 745


  Reply # 1595437 20-Jul-2016 08:40
Send private message

freitasm: Have you enabled multi-device?

Authy is a bit leggy on replicating accounts but they get there. You don't want to add an account, remove and then add again because this will cause problems as Authy archives the account for 48 hours before removing it forever.

 

Yep, have multi-device enabled (hence an account syncs, but only once used on the original device!).

 

But your other point regarding adding/removing/adding accounts could well the problem - I ended up having to do this on my wife's phone as I'd stupidly used her mobile number on her device, rather than ensuring it had mine (ie, all the same details as on the other devices). I had to remove and reinstall the app, then combine accounts with the same phone number. If this is the cause, I'd imagine it'll sort itself out in the next couple of days.

 

Thanks again for your help, Mauricio.




3039 posts

Uber Geek
+1 received by user: 745


  Reply # 1596118 21-Jul-2016 12:03
Send private message

I have to say that, based on my experience thus far, that for many sites 2FA isn't at a stage where I can see there being huge buy-in from the wider populace - it can be a real $@#$ getting it working on some sites, and there's so much variation as to how to set it up. A pity, as I'd imagine those who are most unlikely to add it to their security arsenal are also those most likely to need it (ie, likely to have poor password management/selection)!

 

In particular, I found the Office 365 set-up a bit convoluted, but wonder if that's made more complex by it being a business account (even though for only one user!)? Others like Google and LastPass were straight-forward (especially as there are often detailed walk-throughs for such sites).

 

What shocks me is that neither eBay or (more importantly) PayPal seems to have 2FA available here in NZ; it appears that PayPal provides text-based authentication to US-based clients, but I've had nil luck enabling it in my account (eg, the ability to verify a mobile number is just not present in settings, despite it showing in various online guides). Has anyone here managed to set it up for PayPal?

 

Also disappointed by my own bank (Kiwibank) which has told me that a move to provide 2FA is on the "distant horizon"; personally, I'm not that happy with their security question approach on the website, and solely relying on a 4-digit pin on the app. (But then again, they generally are sooooooooooooo slow with adding such features - they also said they've got no plans to provide real-time credit card transaction reporting. I can't imagine they also have any plans to enable contactless payment by NFC either!)


Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.