undefined | Better HN

0 pointsdriverdan4y ago0 comments

There are multiple ways to avoid this, such as using an app that saves those keys (eg Authy) or using recovery keys.

0 comments

But then bad guy just logs in to Authy with the same stolen credentials because most normal people will probably use the same credentials for everything, including Authy. And arguably, the smartest tech-savvy folk wouldn't be storing their 2FA keys in the cloud like Authy anyway.

If your cloud account is protected by 2FA that's also in the cloud... it's turtles all the way down.

drexlspivey4y ago

How do you “Log in” to Authy? It’s tied to your Apple/Google ID afaik and the 2fa codes are also protected with a passphrase.

j / k navigate · click thread line to collapse

0 comments

dotBen4y ago

If your cloud account is protected by 2FA that's also in the cloud... it's turtles all the way down.

drexlspivey4y ago

How do you “Log in” to Authy? It’s tied to your Apple/Google ID afaik and the 2fa codes are also protected with a passphrase.

j / k navigate · click thread line to collapse