You are viewing a single comment's thread from:

RE: Coinbase account hacked? Why two-factor authentication methods are not created equal.

in #bitcoin8 years ago

They have the same function, but Google authenticator is tied to a specific device. Authy is tied to a phone number. To get the 2fa code from Google Authenticator, someone would need to physically steal your phone. For someone to steal the code from Authy they would just need to port your phone number to their phone, then they could just install Authy to gain access to your Authy account.

Sort:  

Thanks a lot, i find it very helpful.

I have an Authy app, do you know if i could remove all of the accounts that I've created and then tranfer them to Google Authenticator?
Thanks

Yes you can, but don't remove them until you are sure that you have the initial key or QR code in your possession. If you do not have that, the easiest way is to go into each account and disable 2fa. You will very likely need the code from Authy to do this, so make sure you do not delete it from Authy yet. Once 2fa is disabled, turn it back on, but this time add the account to Google Authenticator. Validate that it works using Google Authenticator before deleting the account from Authy.

Saw your reply here, Ace-One, and thought perhaps you could give me some advice? I am trying to remove Authy Chrome extension (desktop) and replace with another authenticator on the same Win7-64 desktop. I set this up for Coinbase account from which I have transferred USD and crypto into GDAX.

Should be simple, eh?

Well, after I enter the master password in Authy Chrome extension, the extension hangs in search mode for the password. I enabled/disabled to no avail.

Authy has suggested that I do a reset. I'm told that will remove the token from my OS. Note that I do not have multi-device enabled for Authy.

I'm concerned that I will not be able to access my account if I do an Authy Extension reset.

Suggestions?