ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    CentOS Two Factor Authentication with Google Authenticator

    Scheduled Pinned Locked Moved News
    google authenticatcentosrhellinuxsecurity
    26 Posts 3 Posters 8.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      A Former User @scottalanmiller
      last edited by

      @scottalanmiller said:

      I don't like SMS as an authentication method because I've found SMS to be very unreliable. Here in Europe it is tons more reliable than in the US, but you don't want a tower outage or being in a "dead spot" to stop authentication. I worry enough about the "on the phone" app losing power (my phone is dead right this second, for example) or getting lost or whatever causing a lack of access but using SMS on the phone adds secondary network connectivity as an additional breaking point.

      If I lose my phone, phone breaks, battery is dead, I lose cell coverage OR I lose network access I can't log in. That is more and more points of failure.

      I completely agree. This is why I use Authy. No SMS.

      Best part of all it is removes the requirement to use your phone.

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller
        last edited by

        Ah, Authy doesn't require SMS? Cool, will look into it more then.

        ? 1 Reply Last reply Reply Quote 0
        • ?
          A Former User @scottalanmiller
          last edited by A Former User

          @scottalanmiller I think your confusing Two Factor Authentication with SMS.

          You can do 2FA with SMS, but it's not as common anymore.

          Take a look at this link: http://security.stackexchange.com/questions/47901/how-does-authys-2fa-work-if-it-doesnt-connect-to-the-server

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • ?
            A Former User
            last edited by

            If Authy would integrate with Touch ID, that would be amazing!

            1 Reply Last reply Reply Quote 1
            • ?
              A Former User
              last edited by

              This is also a good read: http://stackshare.io/posts/how-authy-built-a-fault-tolerant-two-factor-authentication-service/

              1 Reply Last reply Reply Quote 0
              • ?
                A Former User @scottalanmiller
                last edited by

                @scottalanmiller said:

                (my phone is dead right this second, for example)

                Authy lets to sync across devices, so unless you phone/iPad/computer/Wife's Phone are all dead, then it still works! 🙂

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @A Former User
                  last edited by

                  @Aaron-Studer said:

                  @scottalanmiller I think your confusing Two Factor Authentication with SMS.

                  No, I definitely know what both are. I think you are quoting someone who was wrong in the article because someone said that to them there too trying to claim that a code over SMS isn't two factor authentication, but it most certainly is as they get pointed out in the article too.

                  All the images I see of Authy show it uses SMS codes as its second factor. Hence why I thought that that was what they used. If they don't use insecure SMS, why do they advertise it so much?

                  ? 1 Reply Last reply Reply Quote 0
                  • ?
                    A Former User
                    last edited by

                    Also, you can use Authy completely offline 🙂

                    1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller
                      last edited by

                      I see on their site that SMS is a fallback. They show way too many pictures of it, it make it look like SMS was the process, not an emergency fallback for people living in the dark ages.

                      1 Reply Last reply Reply Quote 0
                      • ?
                        A Former User @scottalanmiller
                        last edited by

                        This post is deleted!
                        1 Reply Last reply Reply Quote 0
                        • ?
                          A Former User
                          last edited by

                          Look what I just found!

                          Authy.png

                          1 Reply Last reply Reply Quote 1
                          • ?
                            A Former User
                            last edited by

                            This post is deleted!
                            1 Reply Last reply Reply Quote 0
                            • 1
                            • 2
                            • 2 / 2
                            • First post
                              Last post