Save your 2FA keys!

saor

saor

Honorary Master
Joined
Feb 3, 2012
Messages
42,185
Reaction score
37,090
Location
CPT
If you have 2FA enabled on exchanges and you lose your phone - life is a lot easier with the account key in your posession. Once you scan the QR code and enable 2FA you don't get access to the key again so back it up (write it down) before enabling 2FA.

If you've already enabled 2FA and you don't have the keys...disable 2FA in your exchange account and log out. Log back in to make sure 2FA has been removed, only then remove that sites account from your phone and re-enable 2FA taking note of the key this time.

token.png
(Not mine, just a pic from google)
 
Last edited:
Sadly, this is above most people's level of understanding. Kraken offers many sound infosec advices.
 
A reminder to backup your keys. Take a screenshot before scanning the QR code and store it on a flash drive.
If you lose your phone you're gonna have a hard time getting into your accounts.

I still see people using 2FA without their 2FA keys backed up.
 
Agreed. Keep a printed copy of all your keys somewhere safe.

I ran into this issue recently with Kraken. It was the one exchange I had not saved the recovery/master key for. Their support was very efficient. After a verification process, they removed 2FA on my account so I could get back in.
 
saor said:
A reminder to backup your keys. Take a screenshot before scanning the QR code and store it on a flash drive.
If you lose your phone you're gonna have a hard time getting into your accounts.

I still see people using 2FA without their 2FA keys backed up.
Click to expand...

Flash drive is a disaster waiting to happen imo

Store all your 2FA codes in a document like paint/word/excel, add to an encrypted zip file, then add the zip file to a cloud storage solution (like google drive). No ways you'll ever lose it then
 
I almost lost my crypto wallet - flashed my phone on Tuesday - and when reinstalling all the software - it hit me.

Fortunately I managed to recover the key from my dead laptop.
 
Friendly bump reminder.
Enable it everywhere that offers 2FA where you want an extra layer of security.

Don't wait until it's too late.
 
Please please please save your 2FA keys!
 
BUMP.
Enable 2FA and save your keys!
 
Just use Authy for your googleauth keys.

I suppose from a security point of view if you are seriously concern that you cant trust authy thats another discussion but authy allows you to store and recover the keys in case you lose your phone or for ease of transfering the keys to a new phone.
 
saor said:
BUMP.
Enable 2FA and save your keys!
Click to expand...

I vote you tot be president of the world. Thanks for the reminder, I do have some keys saved but not all exchanges. I've decided to take a snapshot of all 2FA from all websites.
 
John Tempus said:
Just use Authy for your googleauth keys.

I suppose from a security point of view if you are seriously concern that you cant trust authy thats another discussion but authy allows you to store and recover the keys in case you lose your phone or for ease of transfering the keys to a new phone.
Click to expand...

Lastpass authenticator aswell.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X