pull down to refresh

2FA best practices by NVK
238 sats \ 4 comments \ @Rsync25 20 Mar bitcoin_beginners
  1. Google Authenticator Cloud backup disabled (Not hardware wallets)
  2. Not SMS, nor Video if optional
  3. Delete your phone number from as many places as possible
  4. Review which other apps have access to your accounts, remove everything that is not necessary
Original tweet: https://twitter.com/nvk/status/1770419699567771821
write
preview
related posts
0 sats \ 0 replies \ @beorange 20 Mar
Avoid Google authenticator, it is an inferior product to many others.
If you need a TOTP app for 2FA, use Aegis
reply
0 sats \ 0 replies \ @k00b 20 Mar
I could see this being fine advice if one factor is already a hardware device, but it's weird advice if he means this generically. I suspect he argues general purpose computers are inherently more vulnerable than dedicated hardware for private keys.
reply
0 sats \ 1 reply \ @jp305 20 Mar
I'm receiving so many unsolicited calls on my phone number that at this point I am considering getting a new one entirely.
I recently ordered an MK4 and will use it to generate/store my passwords. That is a very sweet feature that sealed the deal for me.
reply
8 sats \ 0 replies \ @doofus 20 Mar
Be careful with that! I did that a few years ago and the new number was already worse than the one I had!
reply