Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Two factor authentication question
- Thread starter amro
- Start date
-
- Tags
- two factor
- Sort by reaction score
When you go to use it, you have the choice. Sign up for both and you'll have more options when it's needed.
Personally, I feel sending the code via SMS isn't all that secure. Unless you turn off "Show Previews" in Messages Options, the code will be displayed on your lock screen even with the phone locked. So if you loose your phone, 2 factor authentication becomes completely useless.
I'd always suggest getting a text. It can be slow to come through sometimes if your signal isn't great but some other systems require Google Authenticator which is an absolute pain to get the six digit code from within the app then enter in with enough time to spare.
Get SMS, Two Step is great with it. Incredibly secure.
As others have mentioned, I've got multiple options setup for Apple 2FA and the recovery key saved and encrypted in various cloud services and password managers.
For other services, using Authy for one-time use key generation: Google, Facebook, Dropbox, and which ever other services come along and supports time tokens. App for iOS devices and Chrome extension/app to desktop access.
For other services, using Authy for one-time use key generation: Google, Facebook, Dropbox, and which ever other services come along and supports time tokens. App for iOS devices and Chrome extension/app to desktop access.
Try an alternative code generator. OTP Auth can show the codes in the notification center in iOS 8 via a widget. In the latest release it can even insert the codes directly within Safari via an action extension.
Personally, I much prefer offline code generators because I don't always have good cellular connectivity while traveling, or there are expensive roaming fees for SMS. Unfortunately Apple's 2-factor authentication for iCloud does not support offline codes.
Update to this. With continuity in ios8, someone could steal your MB or ipad, have the code sent SMS, which shows up on their new screen:
Beware two-factor authentication using Yosemite's SMS forwarding
http://www.readability.com/m?url=ht...o-factor-authentication-using-sms-forwarding/
Better to rely 100% on device identify I'd say
Ummm, doesn't the Mac and iPad have to be on the same wi-fi as the iPhone? So, not really an issue if the thief is still sitting in your home or at the same coffee shop.
And in the case of Apple's 2FA, if you choose to send the code to a trusted device, instead of a phone number, and the device has a passcode, you have to unlock the device first to see the code.
Not really. You would have to lose the device you want to authenticate AND the phone that receives the SMS authentication code. If you're going to do that, you might as well leave your house keys under the door mat while you're at it!
You are given the choice of which device you want to send the message to, at the time when you are being authenticated. If you'd lost your phone, you obviously wouldn't choose to send your authentication code to that device.
Personally, I generally choose iMessage delivery. If you happen to be in an area of poor reception, you might not get an SMS code for some time. But if your iDevice has WiFi available, you'll get the code delivered almost instantaneously.