Questions about 2FA.

[Travesty]

Really just one, but first let me take you back to the biggest mistake of my life. I ended up getting a new cellphone number and SIM card a while back and for some reason decided to do a factory restore on my phone and of course totally forgetting to change the phone number associated with my 2FA app. To make a long story short I'm pretty much locked out of a lot of accounts... I will say that I take full responsibility for this mistake and it was completely my bad. So for my question. Why is getting some of these accounts back as easy as sending an email, maybe with a copy of some official identification, to get your account back while others tell you that it's completely impossible for them to get your account back? Google is the big one that's making me lose my mind. I can't even get a hold of a actual person that works there, I even have a Google Play subscription that I'm still being charged attached to this account I can't use...

[adrynalyne]

Because some are more secure than others.  My Protonmail account is locked and remains locked I lose 2FA access. The only recourse is a recovery code. Most "unrecoverable" 2FA models give you a collection of recovery codes in the event you lose access.

 

 

[Travesty]

21 minutes ago, adrynalyne said:

Because some are more secure than others.  My Protonmail account is locked and remains locked I lose 2FA access. The only recourse is a recovery code. Most "unrecoverable" 2FA models give you a collection of recovery codes in the event you lose access.

 

 

So is it safe to assume I'll be spending almost six dollars a month for the rest of my life with this Play subscription I can't use? I really can't stress enough I've tried to get a hold of Google to no avail about this...

[adrynalyne]

1 minute ago, SyntheticVirusZ said:

So is it safe to assume I'll be spending almost six dollars a month for the rest of my life with this Play subscription I can't use? I really can't stress enough I've tried to get a hold of Google to no avail about this...

No, of course not. Contact the company if its something you pay for. They will have a way to disable 2FA.

I can relate how much contacting Google sucks.  Its an exercise in futility.

[+Warwagon MVC]

Maybe someone already has your old number. Try calling it and see if they pick up. if they do tell them a code will be sent to their phone and see if they will pass it on to you.

 

Years  ago  (7 or 8 ) I did the same sort of thing you did. I was using Google authenticator on an iPod touch. Had my PayPal 2FA setup on it. without thinking, I factor reset the iPod Touch. I was then locked out my PayPal account. It's been so long ago I can't remember how i finally got back in or if I just created a new account.

 

In the future, use an authenticator app, and save a copy of the QR code you scan into authenticator. Put it on a USB flash drive and print it off if possible. Also add to every device you own. If you get a new phone just reinstall the authenticator app and rescan the saved QR code, BAM! Back in business. That's what I do.

 

There are services like Authy, but I just don't want all my two-factor codes all in one place online.

[Marujan]

too bad, nothing can help you now.

 

create 2fa backup with a passwd and keep it on $5 usb stick from walmart

[Travesty]

38 minutes ago, adrynalyne said:

No, of course not. Contact the company if its something you pay for. They will have a way to disable 2FA.

I can relate how much contacting Google sucks.  Its an exercise in futility.

Truly insane... And I totally get how they want to write satiations like this off since I'm sure it happens a thousand times a month, but to go so far out of their way to make it so their users can't contact them about it is a little irresponsible.

16 minutes ago, warwagon said:

Maybe someone already has your old number. Try calling it and see if they pick up. if they do tell them a code will be sent to their phone and see if they will pass it on to you.

 

Years  ago  (7 or 8 ) I did the same sort of thing you did. I was using Google authenticator on an iPod touch. Had my PayPal 2FA setup on it. without thinking, I factor reset the iPod Touch. I was then locked out my PayPal account. It's been so long ago I can't remember how i finally got back in or if I just created a new account.

 

In the future, use an authenticator app, and save a copy of the QR code you scan into authenticator. Put it on a USB flash drive and print it off if possible. Also add to every device you own. If you get a new phone just reinstall the authenticator app and rescan the saved QR code, BAM! Back in business. That's what I do.

 

There are services like Authy, but I just don't want all my two-factor codes all in one place online.

I was using Authy, but get this, I had the password to Authy saved in my password manager, that was also protected by 2FA using Authy... And I knew I needed to print off those backup codes but like the fool I was being I didn't...

13 minutes ago, Marujan said:

too bad, nothing can help you now.

 

create 2fa backup with a passwd and keep it on $5 usb stick from walmart

I mean... I have gotten most of the accounts recovered so I feel it's hard to say nothing can help me now... But yeah, I know I need to get those backup codes printed off next time. 

[+BudMan MVC]

32 minutes ago, SyntheticVirusZ said:

But yeah, I know I need to get those backup codes printed off next time. 

This for sure.. Also - fan of authy.. Which allows you to sync devices with your 2fa.. So I have it on my phone, I have them on my ipad and also have the app running on my pc.  So worse case if I lost my phone with the app on it, or walked into the ocean with it in my pocket of my swim trunks ( I have done this!! )..

 

You can turn off the ability to add devices to the sync, etc.. so you only need to enable it when you want to add a new device.  Makes it real easy to get new phone up and running with your 2fa app that is for sure.

 

I like having it on my PC - so if the phone is in the kitchen and need to auth to something, I don't have to go get my phone

[+Warwagon MVC]

40 minutes ago, SyntheticVirusZ said:

I was using Authy, but get this, I had the password to Authy saved in my password manager, that was also protected by 2FA using Authy... And I knew I needed to print off those backup codes but like the fool I was being I didn't...

This is why I never have and probably never will use Authy, because the thought of getting locked out of Authy (for whatever reason) and in turn getting locked out of all my 2 factor codes and being royally F*cked, scare(s) the Sh*t out of me.

 

So I have just always used authenticator and printed off the QR codes and saved the QR codes to two sperate USB flash drives and two disconnected hard drives (1 USB Flash drive and 1 HDD in a safety deposit box) and added all authenticator codes to 3 devices.

[+BudMan MVC]

How would you get locked out of authy - other than forgetting your password   It also asks you to do your password now and then, for example if you have it open with face, or fingerprint - so you don't forget it heheh

 

Also you would have such passwords written down somewhere, on a piece of paper where you keep all your other important docs..

 

Forgetting your password - can lock you out of many things.  Not just authy

[Travesty]

11 minutes ago, BudMan said:

This for sure.. Also - fan of authy.. Which allows you to sync devices with your 2fa.. So I have it on my phone, I have them on my ipad and also have the app running on my pc.  So worse case if I lost my phone with the app on it, or walked into the ocean with it in my pocket of my swim trunks ( I have done this!! )..

 

You can turn off the ability to add devices to the sync, etc.. so you only need to enable it when you want to add a new device.  Makes it real easy to get new phone up and running with your 2fa app that is for sure.

 

I like having it on my PC - so if the phone is in the kitchen and need to auth to something, I don't have to go get my phone

 

4 minutes ago, BudMan said:

How would you get locked out of authy - other than forgetting your password   It also asks you to do your password now and then, for example if you have it open with face, or fingerprint - so you don't forget it heheh

 

Also you would have such passwords written down somewhere, on a piece of paper where you keep all your other important docs..

 

Forgetting your password - can lock you out of many things.  Not just authy

I do like the fact Authy can be installed on just about everything, wish I had it installed on everything before this happened. As for my passwords, all are pretty easy to forget since I randomly generate them. Most are twenty characters long of letters, numbers, and symbols.

9 minutes ago, warwagon said:

This is why I never have and probably never will use Authy, because the thought of getting locked out of Authy (for whatever reason) and in turn getting locked out of all my 2 factor codes and being royally F*cked, scare(s) the Sh*t out of me.

 

So I have just always used authenticator and printed off the QR codes and saved the QR codes to two sperate USB flash drives and two disconnected hard drives (1 USB Flash drive and 1 HDD in a safety deposit box) and added all authenticator codes to 3 devices.

I mean all in all this is a lesson learned in life for myself. Don't be lazy and get those backup codes writing down! Well, I guess back to the grind working on these accounts...

[+Good Bot, Bad Bot Subscriber¹]

I wonder if should even be using my cell number for my Authy account and instead be using a number have via MySudo that use for Signal and Telegram.

[Travesty]

5 hours ago, Superuser said:

I wonder if should even be using my cell number for my Authy account and instead be using a number have via MySudo that use for Signal and Telegram.

I would give yourself as many backup methods as possible, take it from me who's just learned the hard way.

[Joe User]

When possible, I tend to avoid 2FA that uses text messaging and go for something like Authenticator and WinAuth. When I don't have a choice, I run 2FA through Google Voice instead of my cell. Google itself is going through authenticator and WinAuth so I won't be locked out of Google if I don't have my cell.

My passwords live in KeePass, which is also 2FA, but in that case the second factor is a keyfile that never goes online, while the database itself is on cloud storage. 

 

It's a system designed to reinforce security and add redundancy. I can lose my cell phone and cell phone account and still have 2FA working.  It's not perfect, but it's pretty good.

 

[astropheed Veteran]

If it helps, this is one of those mistakes you only make once. I've made it once, I won't again.