What’s the Best Two-Factor Authentication Option?

The worst is none at all... but which one should you choose?

askleonotenboom

A concern that always needs to be addressed is to also have available some recovery option or backup in case you lose your primary authentication method or device.

msun

I really like the authy desktop approach. The biggest resistance I get from employees is they don’t want a work related app on their private phones, I can’t blame them. This solution takes care of it.

VeritatemQuaere

This channel is a true gem and you're seriously defying the age stereotype with your sharp thought. Also thanks for the confidence. Often times I consume info about a given topic and at the end, there is a "well I am not sure if it's better though". Which makes the whole thing pretty much pointless.

zen-ventzi-marinov

I would recommend an authenticator app since sometimes with email or text message, it takes a long time and sometimes even never to get a text or email for the security code

srd

In 3:02 you said : "It [2FA] is usually done by having your device scan a QR code displayed or entering a special key that then associates your specific phone, your specific installation of the Google Authenticator with your account. No other Google Authenticator will do. it has to be your phone and your Google Authenticator that's used to authenticate you are who you say you are."
As of today, this is incorrect, I've just tried the special key on a friend phone and it generates the same six digit codes. So, it doesn't have to be your SPECIFIC phone and your SPECIFIC installation of GA app.

medramzi

I recently watched a YouTube video stating that Google Authenticator is one of the least secure authenticators out there

johngreene

Think about it if ur using Google’s authentication app and it’s to do with your phone a unique code only matches ur phone u might as well just have a code sent to your phone more easier

yusufmain

Authy is great, but the account is linked to your phone number. I prefer to use an application that doesn't do this. I installed 2FAS on my Android phone. It has an option to back-up to Google Drive, so your seeds can survive an app reinstall, and can be transferred to another Android device pretty simply.

neuideas

To do a simswap attack the attacker also needs your password so low risk, but if you use bad passwords risk goes way up

gtcstorm

So I’m wondering why you would suggest to use google authentication when authy just sounds better.

RyeFleming

Has Google updated their authenticator with end to end encryption?

gsgidney

I WISH apps enabled 2FA with email. But they don't! They opt for SMS which is stupid if you're abroad with a local SIM card.

eladbari

Great video, you explained things so simply. THANKS

Mike_UNMUTED

Another obstacles scanning QRCode can't figure out especially when qrcode is on a billboard

lynetteford

The best one is fido keys such as yubikeys

xtsbwmf

If a SIM swapper can get your SMS 2FA, why wouldn't they also be able to get you Google authenticator codes?

asinheaven

Great video, and 100% everyone should be using MFA, however you did not mention Microsoft Authenticator. This is way better and more secure than Google Authenticator, as you can backup codes to your MS account, lock the app with biometrics, and the same app is also a totaly free and really good password manager that synchronises up with MS Edge across ANY device you have, (Windows, MacOS, iOS, Android).

pmutch

are you still using Authy after they were hacked?

cmdrefstathiusplacidus

If you have 2 factor authentication do you have to enter the authentication coda every time you log in or can you just authenticate your device once to log into your application?

swaha