Resource Two-Factor Authentication (2FA) GUIDE, step-by-step

[enjolras]

What is 2FA and how to activate it at an online website or within a mobile application (same same).

https://sanctioned-suicide.net/thre...-missinginaction-ctb-feats.39344/#post-726622

 

[HelensNepenthe]

Reminder that services such as Authy can be easily breached if you're a victim to SIM swapping. These services should not be used if you're suspicious that someone may perform this attack on you. Social engineering is what causes most breaches, not actual "hacking" that you see on CSI Miami. Here are some simplistic recommendations for authenicators that are entirely offline.

• FreeOTP (Android/iOS)
• Authenticator (iOS)

Varying on your threat level, Authy is "fine". Personally I would disable multi-device recovery, because that effectively is as weak as SMS authenication. If you're high risk, it's advisable that you research into physical tokens that are programmable.

 

[enjolras]

Exactly, thanks for the precisions.