Questions about 2FA.

By Travesty
in Smart Home, Network & Security

 Share

Recommended Posts

Veteran

Travesty

Posted
Posted

Really just one, but first let me take you back to the biggest mistake of my life. I ended up getting a new cellphone number and SIM card a while back and for some reason decided to do a factory restore on my phone and of course totally forgetting to change the phone number associated with my 2FA app. To make a long story short I'm pretty much locked out of a lot of accounts... I will say that I take full responsibility for this mistake and it was completely my bad. So for my question. Why is getting some of these accounts back as easy as sending an email, maybe with a copy of some official identification, to get your account back while others tell you that it's completely impossible for them to get your account back? Google is the big one that's making me lose my mind. I can't even get a hold of a actual person that works there, I even have a Google Play subscription that I'm still being charged attached to this account I can't use...

Link to comment
https://www.neowin.net/forum/topic/1404949-questions-about-2fa/
Share on other sites
Grand Master

adrynalyne

Posted
Posted (edited)

Because some are more secure than others.  My Protonmail account is locked and remains locked I lose 2FA access. The only recourse is a recovery code. Most "unrecoverable" 2FA models give you a collection of recovery codes in the event you lose access.

 

 

  • Mindovermaster
  • Like 1
Veteran

Travesty

Posted
  • Author
Posted
21 minutes ago, adrynalyne said:

Because some are more secure than others.  My Protonmail account is locked and remains locked I lose 2FA access. The only recourse is a recovery code. Most "unrecoverable" 2FA models give you a collection of recovery codes in the event you lose access.

 

 

So is it safe to assume I'll be spending almost six dollars a month for the rest of my life with this Play subscription I can't use? I really can't stress enough I've tried to get a hold of Google to no avail about this...

Grand Master

adrynalyne

Posted
Posted (edited)
1 minute ago, SyntheticVirusZ said:

So is it safe to assume I'll be spending almost six dollars a month for the rest of my life with this Play subscription I can't use? I really can't stress enough I've tried to get a hold of Google to no avail about this...

No, of course not. Contact the company if its something you pay for. They will have a way to disable 2FA.

I can relate how much contacting Google sucks.  Its an exercise in futility.

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted

Maybe someone already has your old number. Try calling it and see if they pick up. if they do tell them a code will be sent to their phone and see if they will pass it on to you.

 

Years  ago  (7 or 8 ) I did the same sort of thing you did. I was using Google authenticator on an iPod touch. Had my PayPal 2FA setup on it. without thinking, I factor reset the iPod Touch. I was then locked out my PayPal account. It's been so long ago I can't remember how i finally got back in or if I just created a new account.

 

In the future, use an authenticator app, and save a copy of the QR code you scan into authenticator. Put it on a USB flash drive and print it off if possible. Also add to every device you own. If you get a new phone just reinstall the authenticator app and rescan the saved QR code, BAM! Back in business. That's what I do.

 

There are services like Authy, but I just don't want all my two-factor codes all in one place online.

Experienced

Marujan

Posted
Posted

too bad, nothing can help you now.

 

create 2fa backup with a passwd and keep it on $5 usb stick from walmart

Veteran

Travesty

Posted
  • Author
Posted
38 minutes ago, adrynalyne said:

No, of course not. Contact the company if its something you pay for. They will have a way to disable 2FA.

I can relate how much contacting Google sucks.  Its an exercise in futility.

Truly insane... And I totally get how they want to write satiations like this off since I'm sure it happens a thousand times a month, but to go so far out of their way to make it so their users can't contact them about it is a little irresponsible.

16 minutes ago, warwagon said:

Maybe someone already has your old number. Try calling it and see if they pick up. if they do tell them a code will be sent to their phone and see if they will pass it on to you.

 

Years  ago  (7 or 8 ) I did the same sort of thing you did. I was using Google authenticator on an iPod touch. Had my PayPal 2FA setup on it. without thinking, I factor reset the iPod Touch. I was then locked out my PayPal account. It's been so long ago I can't remember how i finally got back in or if I just created a new account.

 

In the future, use an authenticator app, and save a copy of the QR code you scan into authenticator. Put it on a USB flash drive and print it off if possible. Also add to every device you own. If you get a new phone just reinstall the authenticator app and rescan the saved QR code, BAM! Back in business. That's what I do.

 

There are services like Authy, but I just don't want all my two-factor codes all in one place online.

I was using Authy, but get this, I had the password to Authy saved in my password manager, that was also protected by 2FA using Authy... And I knew I needed to print off those backup codes but like the fool I was being I didn't...

13 minutes ago, Marujan said:

too bad, nothing can help you now.

 

create 2fa backup with a passwd and keep it on $5 usb stick from walmart

I mean... I have gotten most of the accounts recovered so I feel it's hard to say nothing can help me now... But yeah, I know I need to get those backup codes printed off next time. 

Grand Master

+BudMan MVC

Posted
  • MVC
Posted
32 minutes ago, SyntheticVirusZ said:

But yeah, I know I need to get those backup codes printed off next time. 

This for sure.. Also - fan of authy.. Which allows you to sync devices with your 2fa.. So I have it on my phone, I have them on my ipad and also have the app running on my pc.  So worse case if I lost my phone with the app on it, or walked into the ocean with it in my pocket of my swim trunks ( I have done this!! )..

 

You can turn off the ability to add devices to the sync, etc.. so you only need to enable it when you want to add a new device.  Makes it real easy to get new phone up and running with your 2fa app that is for sure.

 

I like having it on my PC - so if the phone is in the kitchen and need to auth to something, I don't have to go get my phone ;)

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted
40 minutes ago, SyntheticVirusZ said:

I was using Authy, but get this, I had the password to Authy saved in my password manager, that was also protected by 2FA using Authy... And I knew I needed to print off those backup codes but like the fool I was being I didn't...

This is why I never have and probably never will use Authy, because the thought of getting locked out of Authy (for whatever reason) and in turn getting locked out of all my 2 factor codes and being royally F*cked, scare(s) the Sh*t out of me.

 

So I have just always used authenticator and printed off the QR codes and saved the QR codes to two sperate USB flash drives and two disconnected hard drives (1 USB Flash drive and 1 HDD in a safety deposit box) and added all authenticator codes to 3 devices.

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

How would you get locked out of authy - other than forgetting your password ;)  It also asks you to do your password now and then, for example if you have it open with face, or fingerprint - so you don't forget it ;) heheh

 

Also you would have such passwords written down somewhere, on a piece of paper where you keep all your other important docs..

 

Forgetting your password - can lock you out of many things.  Not just authy ;)

Veteran

Travesty

Posted
  • Author
Posted
11 minutes ago, BudMan said:

This for sure.. Also - fan of authy.. Which allows you to sync devices with your 2fa.. So I have it on my phone, I have them on my ipad and also have the app running on my pc.  So worse case if I lost my phone with the app on it, or walked into the ocean with it in my pocket of my swim trunks ( I have done this!! )..

 

You can turn off the ability to add devices to the sync, etc.. so you only need to enable it when you want to add a new device.  Makes it real easy to get new phone up and running with your 2fa app that is for sure.

 

I like having it on my PC - so if the phone is in the kitchen and need to auth to something, I don't have to go get my phone ;)

 

4 minutes ago, BudMan said:

How would you get locked out of authy - other than forgetting your password ;)  It also asks you to do your password now and then, for example if you have it open with face, or fingerprint - so you don't forget it ;) heheh

 

Also you would have such passwords written down somewhere, on a piece of paper where you keep all your other important docs..

 

Forgetting your password - can lock you out of many things.  Not just authy ;)

I do like the fact Authy can be installed on just about everything, wish I had it installed on everything before this happened. As for my passwords, all are pretty easy to forget since I randomly generate them. Most are twenty characters long of letters, numbers, and symbols.

9 minutes ago, warwagon said:

This is why I never have and probably never will use Authy, because the thought of getting locked out of Authy (for whatever reason) and in turn getting locked out of all my 2 factor codes and being royally F*cked, scare(s) the Sh*t out of me.

 

So I have just always used authenticator and printed off the QR codes and saved the QR codes to two sperate USB flash drives and two disconnected hard drives (1 USB Flash drive and 1 HDD in a safety deposit box) and added all authenticator codes to 3 devices.

I mean all in all this is a lesson learned in life for myself. Don't be lazy and get those backup codes writing down! Well, I guess back to the grind working on these accounts...

Veteran

Travesty

Posted
  • Author
Posted
5 hours ago, Superuser said:

I wonder if should even be using my cell number for my Authy account and instead be using a number have via MySudo that use for Signal and Telegram.

I would give yourself as many backup methods as possible, take it from me who's just learned the hard way.

Veteran

Joe User

Posted
Posted

When possible, I tend to avoid 2FA that uses text messaging and go for something like Authenticator and WinAuth. When I don't have a choice, I run 2FA through Google Voice instead of my cell. Google itself is going through authenticator and WinAuth so I won't be locked out of Google if I don't have my cell.

My passwords live in KeePass, which is also 2FA, but in that case the second factor is a keyfile that never goes online, while the database itself is on cloud storage. 

 

It's a system designed to reinforce security and add redundancy. I can lose my cell phone and cell phone account and still have 2FA working.  It's not perfect, but it's pretty good.

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft raises Xbox console prices by up to $150, discontinues 2TB version

      By Gotenks98 · Posted

      But they will be the first asking for a bail out the moment crap goes sideways. Its just a matter of time with this AI thing unless skynet gets us first.
    • Google reshuffles its AI coding team as it struggles to catch Anthropic

      By +Edouard · Posted

      I'm so conflicted with the Google Search AI summaries. On one hand I don't like how it's harming smaller websites by greatly reducing traffic which will harm us all in the long run but on the other hand those AI summaries often give me the information I'm after. I have never once clicked on 'show me more' though and never will.
    • Microsoft raises Xbox console prices by up to $150, discontinues 2TB version

      By qbrick · Posted

      Not a single company as small or large it may be is obligated to subsidize its products and sell them at a loss. Your way of thinking is socialist and as a West German with a German brother state but impoverished by state dictatorship and a socialist command economy situated to the East i can tell you - this kind of thinking very quickly leads to products not being produced anymore at all. EDIT: That does not mean that I find state support for social needs unreasonable. Quite the contrary. Together with solid workers' rights we exactly had exactly that in Germany for decades in the form of the Sozialstaat which was as the scandinavian social democratic very successful - until the number of people who drew from those resources dramatically increased (ironically a project of social democrat and green proponents).
    • Apple reportedly has a second-generation iPhone Fold planned for 2027

      By Hamid Ganji · Posted

      Apple reportedly has a second-generation iPhone Fold planned for 2027 by Hamid Ganji The iPhone Fold is one of the most anticipated tech products expected to debut this fall. It will be Apple’s first foldable iPhone, ushering in a new product category for the company. While the first generation has yet to hit the shelves, a new leak suggests Apple has already begun work on its successor. Chinese leaker Digital Chat Station claims that the second-generation iPhone Fold has already been confirmed, meaning Apple could launch a successor in fall 2027. The foldable iPhone is also reportedly referred to as the “iPhone Ultra,” though it remains unclear whether Apple will ultimately choose that branding, especially as Samsung is rumored to rename the Galaxy Z Fold 8 as the Galaxy Z Fold Ultra this year. The leaker also claims that the second-generation foldable will feature a wider folding display while reusing the same screen found in the first generation. Apple’s first foldable iPhone is expected to feature a 7.8-inch inner display and a 5.3-inch outer screen in a passport-style form factor. It has already been reported that Apple plans to change its iPhone release cycle in 2026 to spread launches throughout the year. Under this strategy, the iPhone Fold is expected to debut this fall alongside the iPhone 18 Pro and iPhone 18 Pro Max. The standard iPhone 18 and iPhone Air 2 are expected to arrive later in 2026 or in early 2027. Speaking of the iPhone Air, Digital Chat Station says Apple remains undecided about a third-generation model. The company is reportedly waiting to see how the iPhone Air 2 performs in the market, and if sales disappoint, a successor may never materialize. As we reported this week, the iPhone Air has not been scrapped from Apple’s plans. The second-generation model is reportedly scheduled for spring 2027 and could introduce upgrades such as an additional rear camera for ultrawide photography and improved battery life.
    • Sony announces Bungie layoffs that will affect "significant number of employees"

      By daryld · Posted

      ahh yes the good old your opinion differs from mine so you are therefore insane lol destiny 1 had no agenda pushing and was a massive success of a game, if you clearly look online the team for some reason thought they had too many men on the team and went on a woman and dei recruitment drive and we all know how destiny 2 performed from then on in

  • Recent Achievements

    • One Year In
      Vistor earned a badge
      One Year In
    • First Post
      kinowa earned a badge
      First Post
    • Rookie
      krychek57 went up a rank
      Rookie
    • Grand Master
      Jaybonaut went up a rank
      Grand Master
    • One Year In
      Philsl earned a badge
      One Year In

  • Popular Contributors

    1. 1
      +primortal
      405
    2. 2
      +Edouard
      170
    3. 3
      PsYcHoKiLLa
      131
    4. 4
      Xenon
      72
    5. 5
      neufuse
      69
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!