2FA

My many ramblings

2FA

In this day and age, two-factor authentication (2FA)  is basically a must. I try and use it on any system that supports it. I have a Yubikey and I am a massive fan of this but not everything supports U2F and sometimes it’s not convenient.  I recently have seen an announcement that Yubikey is developing a Lightning based version including USB-C which is awesome,  as at the moment I have a suboptimal experience with my new Mac.

 

 

Suboptimal

 

For the systems that don’t support my Yubikey but do support the Google authenticator protocols, I have moved to using Authy as the 2FA application.  The primary reason behind this Is that I use multiple devices and having to add secrets multiple times and then keep them in sync is a pain. For me using multiple devices (2 iPhones, iPAD, Mac & Work Laptop) It was too much hassle to try and keep them in sync. Authy has a sync feature that totally solves this.  Add once and the token is passed to all your other devices.  One feature that I only found out post install is that Authy works on an Apple Watch.  For me, this is a killer feature that I didn’t even know I needed.  I have had occasions in the past where I have been away from home and my iPhone has a flat battery etc.

Some people may be unhappy with the secret synchronizing feature of Authy. For me, this is a very acceptable trade-off.  It can be turned off if required and in the event of a device loss, I can revoke access from any of the other devices.

Revoke

I recommend having a look at twofactorauth and adding any company/device that supports it.   A few companies were listed that I use but wasn’t aware they supported 2FA

I have a few more of my lab systems to add but at the moment I have 16 services in Authy with a subset shown below