All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
OTP generation (on cloud)
I have started using 2 factor authentication for several services i use... like team viewer (I know I know it was hacked recently), online.net console login and several others...
I use google authenticator on my phone where I have setup both the accounts. So, my question is, what happens when I loose my phone or the phone goes bad... How can I access the OTP generation? I remember seeing a couple of generated codes which I could ise incase I loose access... but, I think I have lost those codes.
What do you guys use/ recommend to have a separate location to generate the OTP incase I loose access to the device? Is there somewhere on the cloud where I could setup all these accounts?
Comments
You can use apps like Google Authenticator on multiple devices. So during setup you'd configure both. It's less secure since it creates multiple points of failure (you have to guard two devices now, not just one), but it'll work just fine.
I think the general idea is that you print the one time access/backup codes provided and keep them in a safe place (like a safe).
If you're saying you've lost those backup codes, you should log in to each service, invalidate the codes, generate new ones and put them in a safe place.
So, yes, thats what I want to do... have google authenticator on multiple devices... But, is there some cloud based service where I can have google authenticator running which will always have OTP generation going on?
If you put them all in a text file and encrypt it, you can store it anywhere - uuencode it and put it on pastebin if you want, email it to yourself, post it in the Cest Pit, etc.
Thanks!
@raindog308 Meh, the Cest Pit sounds great.
Having the generator online sort of defeats the purpose of it all, no?
Anyway, you can do something similar with an app like Authy.
I think I've mentioned before, I like to keep all my credentials in plain text on a public GitHub repo. Versioning. Available anywhere. Easy to copy. What could go wrong?
+1 Authy,
you're done no way to recovery all account on your google authenticator, change to Authy as soon as possible, your account always there
oathtool --totp -b "yoursecretkey"