2FA — Google Authenticator — Advice that will make your life a lot easier
2FA is a must these days in terms of security of your accounts. Google Authenticator (further in text GA) is a great tool that can help you add another security layer. As much it is straightforward to use, you should think two steps ahead.
What is GA and how to add it to your account?
Google Authenticator is a software token that implements two-step verification services using the Time-based One-time Password Algorithm and HMAC-based One-time Password Algorithm, for authenticating users of applications by Google.
Combination of username and password is not enough to be safe and sound these days, no matter how complex your password is. You need 2FA and Google offers, in my opinion, the best and the easiest tool to implement out there.
You just need to scan the qr code or enter the secret phrase in GA app on your phone and voila you’re all set. But here is the catch!
Always write down the secret phrase for every account and store it somewhere safe so you can recover your GA on another device.
The best way to store your secret phrase is to make a hard copy — take a piece of paper and write it down. Store it somewhere safe.
What if you lose or break your phone?
I broke my phone just a few days ago. Did not have a copy for secret phrases/ qr codes on more than 30 sites and services that I am using. I am going through a really complicated process right now and it is only myself to blame.
I need to contact every site/service separately and ask them to remove 2FA from my account so I can add a new one. Procedures are different on each and every one of them so I will just mention a few:
BINANCE
Binance has it’s own procedure regarding removing Google Authenticator as a 2FA from your account. You need front and back photo of your ID and a selfie with a note and ID.
You can start the procedure as shown here:
https://support.binance.com/hc/en-us/articles/115003585911-How-to-reset-Google-2FA
HITBTC
To reset a 2FA on hitbtc you need to send an email to support@hitbtc.com and follow the instructions.
SKRILL
You need to send an email with subject “2FA reset” to vip@skrill.com if you are a vip member or support@skrill.com if you are regular member and you will need a selfie with your ID to reset it.
BITPANDA
I have to give their customer service a credit! They were really fast. You need to send a picture of the ID and close to it a note with a text “2FA reset Bitpanda” and today’s date. It was resolved in under 30min.
Now imagine 30 times going through different process every time.