Tag Archive: twofactorauth

Making Two Factor Authentication (even) easier

If you pay attention to the news you know you should be protecting your accounts with strong unique passwords, and two factor authentication wherever it is supported.  Two factor authentication improves your security by requiring (as the name implies) as second piece of information to authenticate which is usually a number generated by an app on your phone or received via text or email.  A while ago I posted this tip to make two factor authentication a little easier, now I want to follow that up with another tip.

I recently moved all my two factor authentication from Google Authenticator  to Authy.  The big difference is Authy will let you sync your two factor authentication between multiple devices as well as serve them up via a Chrome App.

I recently replaced my phone and instead of having to open up all my QR codes I was able to simply authorize my new phone in Authy and decrypt all my sites in seconds

Making Two Factor Authentication (a little) easier

I am a big fan of Two Factor Authentication.  If you are not familiar with two factor authentication, there is a good explanation here.  I have enabled  Two Factor authentication pretty much on any account I have that supports it.

Many Two Factor implementations use the Google Authenticator app to provide the authentication code.   Setting up  the authenticator is easy, you generally scan a QR code, and then enter the code to confirm the setup.

One of the difficulties when using Two Factor authentication is setting up the Authenticator app on a new or additional device.  When you initially set up Two Factor authentication you are presented with a QR Code that is scanned by the app to automatically configure the account.   Typically to set up another device you have to invalidate the original configuration, and sometimes even disable and then re-enable Two Factor Authentication altogether.

Recently listening to an episode of This Week in Google they shared a tip so simple I don’t know why I never thought of it.  When you first enable Two Factor authentication for a given account download the QR Code image and save it somewhere securely.   Since I use Lastpass as a password manager I create a secure note which allows me to securely upload and save the QR code image.   Configuring the Authenticator App on an additional or new device is as simple as opening up the secure note and scanning the bar code.