Do you rely on SMS, or use an app like Google Authenticator? Or do you manage them in your password manager like 1Password? Why did you pick the tool you use?
I use 1Password. I appreciate the simplicity that 1Password provides me with being able to paste in my shortcode, and then it restores my clipboard. I did have some reservations about putting my password and 2FA in the same location, but I've accepted it.
I use Authy and 1Password. The main benefit over Google Authenticator for me is that both apps support backup/syncing of your code across devices, so you won't lose access when you lose your phone and you don't have to do anything when you migrate to a new device.
Authy + 1Password. Haven't tried using 1Password for 2fa, as it's a hassle to switch everything over.
1Password is my favorite 2FA app because it effectively balances convenience with security. It's better than SMS because you don't have to worry about your phone number getting ported by a motivated attacker.
It does place all your eggs in one basket, but if you're really worried that someone has determined your primary encryption password and stolen your encrypted password manager file, you are probably being targeted by a very advanced attacker (e.g. nation/state), and therefore have much larger issues to worry about. (Use a security key and enroll yourself into Google's Advanced Protection Program, ASAP. Or just stay offline! :-D)
FWIW, I worked for Duo Security and other 2FA vendors in the past. Duo is by far the best 2FA solution for businesses. Duo Mobile is a great choice for managing your consumer TOTP tokens, but you'll still need a password manager. Some folks will argue that keeping your 2FA app and password manager app separate. To them, I would ask, "what threat model they are protecting against?" Like businesses, your goal should be to a less interesting target than someone else. Using 2FA at all makes you much less likely to be a target. To keep using 2FA you will want to make it convenient for yourself, which is why I recommend using 1Password for your 2FA (and backup) codes.
Authy, mostly because I've been using it since 2014. A few others have come after, good ones, like the one from google. At this point, authy gives me all I need. Besides, I don't want to break what I know it works (or go through the pain of migrating data)
If you haven't checked out the @nopasswords revolution at Trusona you're missing out. It's a free app and founded by the "Fraud Father" Ori Eisen whom created the 41st parameter to detect fraud and sold out to Experian a few years ago. It's a game changer.
+1 for Authy. I've had to go through the reset process too many times when switching phones. Being able to back up tokens to the cloud and access simultaneously on multiple devices is priceless. Haven't yet tried to use Authy to share a logon between multiple team members but that will be a gamechanger for us!
I use LastPass for passwords, and LastPass Authenticator for 2 factor codes. The password storage is cross platform, cross browser, and the authenticator backs up into your LastPass database. This works out well for me, as I use many devices, and I need to have the loss of device recovery path well established.
Duo is the easiest, cleanest solution I've used. Less for personal and more for work, though.
I use Authy for 2FA because it is available and works across most devices/platforms. Google Authenticator works just fine but Authy offers more features.
I'm also a 1Password user for password management but haven't used it for 2FA yet and honestly, I did not know they supported 2FA!
I also look forward to trying decentralized & blockchain-based identity management and verification solutions such as Civic.
Primarily 1Password. On sites that support U2F (Google, Github, Stripe) also Krypt: https://krypt.co/
You pair your browser with the iPhone/Android. When the site needs a one time token, it pings your phone, you get push notification and approve with one click. If you have an Apple Watch it will vibrate, one click to approve.
Works like magic. Wish more sites would adopt U2F.
Three major considerations I have been using to evaluate the plethora of options available: 1. Effortless/non-intrusive: It shouldn't feel like a video call 2. Price: As this app would be complime...
Hey guys, first post here. As part of my work, I have to deal with and respond to a lot of incoming messages from different chats: Linkedin/WhatsApp/Signal/IG. I try to use Unreads/Archive features...
It's hard to imagine the world without software—without video calls and instant messages and spellcheck and all the tiny bits of software we rely on without thinking. What software changed your li...