A big heads up to all of you, Google Authenticator DOES NOT SAVE your info


#1

Google does NOT save your third party authentication information on its cloud, it is only saved on the device you took that QR picture of. If your phone is lost, this info is lost unless you saved a master key from when you signed up for that third party 2FA. The emergency keys Google gives are for Google services ONLY. They will not work on getting past the 2FA on Binance for instance. SAVE YOUR MASTER KEYS!


#2

One option is to scan the code into a second phone you have that you can keep spare. I did this with my old phone. If I lose my current phone everything is backed up on the spare.


#3

Yes, and honestly no remote backup service should save your private keys for what could potentially be a bank account.

While the practice is sane, Google could be more clear that IT IS NOT backed up.


#4

I always print out the QR code page, or write down the seed, or save the screen as a PDF, and then encrypt it and save it in the cloud. I also point the phone’s camera at the printout or PDF, not the screen, so I’m sure the printed/PDF QR is good.

I’m amazed at the poor information given to people by websites that are setting up GAuth. They do not warn much about saving the QR, and most do not even print out the seed.

Then again, I’m also glad some websites offer it at all. A heavyweight as big as Wells Fargo Bank continues to use SMS, and when I asked for GAuth, they acted with strident stupidity.


#5

Brilliant post, thank you.
I wish I knew this before.
This is also an argument against using Google 2FA in Daedalus - however it seems like you’d be able to help out with creating a stupid-proof setup guide when Daedalus users were to set up Google 2FA in Daedalus.

Btw, with what you know about Google 2FA, do you think it would be possible to integrate it directly into the Daedalus wallet? Is there something about blockchain or Daedalus that would make this intrinsically impossible or intrinsically a monumentally bad idea?


#6

I have wondered why 2FA is not built into wallets, and was told that “there is nothing to authenticate to,” such as a remote server who really does not know who you are.

In the case of a wallet, you are there using it immediately on a desktop; there is not a server between you and the data you wish to access, so there is nothing to authenticate to.

But my opinion is that in the same way you need to type in a password in order to send, you should need a 2FA code to type in as well, and this makes stealing incredibly difficult. (Coinbase, of course, requires you to do this if you set up 2FA, but again, that wallet lives on a REMOTE server.)

In conclusion, my two ADAs are that 2FA should be built into wallets.


#7

Can someone explain how to copy the Google 2FA code to another phone?