alt.hn

4/2/2025 at 9:37:34 PM

Tell HN: Google Authenticator lost all of my codes

by maxbond

4/3/2025 at 12:24:11 PM

I use Authenticator Pro on Android. It offers backup and it's own encryption password --- not the same as the Android phone access key. Every authenticator app should do this in my opinion.

https://github.com/ispwd/AuthenticatorPro

In addition to this app, I keep all my passwords in a text file encrypted with AES256. And yes, my secret tokens used for 2FA are included in this file --- not the best but very convenient as I only have one file to backup.

I wrote my own simple Windows command line utility to decrypt this file in memory, search for an identifying string, retrieve the secret token and generate 2FA time based codes as needed.

As a backup to my phone, I keep this small utility and my password file (along with other crucial documents) on a micro-SD card which is further encrypted by BitLocker. This is attached to my watch strap which goes everywhere with me --- even the shower. The data is as safe as I am, if not safer.

https://www.thingiverse.com/thing:6784665

by jqpabc123

4/2/2025 at 9:41:17 PM

Unfortunately related: Tell HN: 2FA code for Google account gone after Google Authenticator update https://news.ycombinator.com/item?id=42510300

by gnabgib

4/2/2025 at 10:23:12 PM

Use a cloud sync solution like 1Password or Bitwarden. That way all your 2FA is in the cloud and available on all your devices.

It is less secure but way more convenient.

by solardev

4/3/2025 at 3:30:55 AM

When your password and the time passcode are stored in the same database thats literally not 2FA (second factor).

Rather use apps like Authy or Ente on your phone(something that you have) that could sync.

by mindwork

4/3/2025 at 3:43:24 AM

It is less secure than 2FA on a phone but more secure than without. (ie: your password leaking/hacked and the source is not bitwarden).

by csomar

4/2/2025 at 10:25:40 PM

The irony is that what appears to be the update which messed me up was to introduce cloud sync.

by maxbond

4/2/2025 at 10:03:43 PM

If you're starting over, use Bitwarden Authenticator:

https://bitwarden.com/products/authenticator/

Supports import & export, which is something Authy -- what I used to recommend instead of Google Authenticator -- does NOT support.

by biglyburrito

4/2/2025 at 11:48:36 PM

How is that different than Google Authenticator backups?

by yarrowy

4/2/2025 at 10:35:25 PM

I personally use Authy, free, without cloud sync. When I upgrade my iphone (typically every year) all codes are in the new phone. As easy as it should be.

Does anyone know what other apps “survive” phone upgrade, maybe not just iphone but android too?

by ecesena

4/3/2025 at 1:30:16 AM

What if you lose your phone?

by hboon

4/3/2025 at 2:06:25 AM

With Ente Auth it's possible to export 2FA to textfile.

Then it's possible to import it at numberstation at Linux, and some 2FA apps at Ubuntu Touch.

For passwords, keepassxc reboot.

by xet7

4/2/2025 at 10:31:14 PM

Fool me once … It used to not even have a way to backup. Having your auth keys on your phone is not actually a good idea.

by sitkack