I would love to see a Level1 video on the current state of U2F products and authenticator apps.
I’m nearly in the market of buying a new phone. And I’m dreading the day because I’ll have to deactivate 2FA on a lot of accounts, just so I can enable it again on my new phone with a new app.
With that said, I understand these types of products might be of benefit for me because in combination with an app, it seems like the seeds are stored on the physical product.
Is that true?
The only products I have recently discovered are Google Titan, Nitrokey, and Yubikey.
Are there others? Which physical product are you using, and which app have you paired it with? Have you had success using backups/switching devices etc?
Thanks!
Edit: I guess this is a little more complicated than I thought. The Authenticator apps I’m used to, use TOTP (Time based one time password). While U2F is I guess something different.
Can vouch for YubiKey as well, we use it at work for most of our enterprise clients when authenticating for RDP in Windows Server. Very simple to swap out keys and maintain, secure as well.
My only issue with potentially using yubikey is that it is developed by Google and I am sure we all know what Google likes to do with peoples data. Hoard and exploit it to their benefit and our detriment.
Yubikey is the best hardware key, but more importantly, you should switch to Authy. It stores all your 2FA keys in their cloud and is end-to-end encrypted so they’re secure. This makes it super easy to switch phones.
Is this true? If this is the case then I would totally move to Authy. I currently use Google Authenticator and few months ago I found out the pain of needing to move every single 2FA accounts to a new phone. I started with my Google account and stopped there, it was a pain. I rather not do this every time I get a new phone
The fluff Oo
The idea of a 2fa is to mix 2 TYPE of auth Factor. You just change something you own by another password (something you know). This is no longer 2fa … I guess it’s still beter than just a single pass…
Yubikey are nice, but last time i checked they don’t sell the ultimate key yet. You have to choose between nfc, and the type of proto you need.