Solved Backup Devices for MFA


Well, besides myself, there are 2 people on this thread who value a backup device for MFA. If one MFA device fails, then the other MFA device can still be used to access the site and edit the MFA specifics for the site if needed.

The first person uses phone and pc as his MFA devices. The second person uses phone and tablet as his MFA devices. I myself presently use 4 MFA devices, because unfortunately not all my (important) sites work with all my devices (and I want to have at least 2 MFA devices to work for each site as per the first paragraph)

It does not matter if you don't value a backup device for MFA, just don't use it. Some people don't value data backup either :scream:

Edit: ALL better sites provide MFA backup, SMS to mobile PLUS at least one other medium, usually PC- or tablet-based (such as backup codes) but also landline voice, etc. A site without MFA backup is one to be avoided, IMHO.

One more example: one of my most secure sites use a digital certificate that I store in my password manager, so password and MFA are very conveniently stored in one secure place. Of course the site works with SMS to mobile too. And upon login, the site lets me select which one of the two MFAs (SMS from phone or certificate from computer) I want to use that day. The site has in fact a 3rd MFA that I don't use, but I certainly would not use that important site if it had only 1 MFA!
I rest my case. You still have not acknowledged that mfa with sites that only use codes sent to a number is useless if out and about unless you carry second phone.

The original post was not about best MFA but about usng a second phome.

No point in discussing anymore as you fail to acknowledge the limitations of using a second phone for sites thst only use codes to mobile.

Subject Closed.
 

My Computer

System One

  • OS
    Windows 10 Pro + others in VHDs
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Vivobook 14
    CPU
    I7
    Motherboard
    Yep, Laptop has one.
    Memory
    16 GB
    Graphics Card(s)
    Integrated Intel Iris XE
    Sound Card
    Realtek built in
    Monitor(s) Displays
    N/A
    Screen Resolution
    1920x1080
    Hard Drives
    1 TB Optane NVME SSD, 1 TB NVME SSD
    PSU
    Yep, got one
    Case
    Yep, got one
    Cooling
    Stella Artois
    Keyboard
    Built in
    Mouse
    Bluetooth , wired
    Internet Speed
    72 Mb/s :-(
    Browser
    Edge mostly
    Antivirus
    Defender
    Other Info
    TPM 2.0
I have over 120 accounts in Bitwarden but only 6 accounts with 2FA in Authy. These are accounts with financial associations. My bank does not support MFA with a code but asks for passphrase in addition to the password. My tax account does the same thing but also requires a code provided from an automated telephone call (3FA).

The other Bitwarden entries are for forums, like this one, routers, IPTV etc., most that generally do not have or need MFA.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    HP / Spectre x360 Convertible 13
    CPU
    i5-8250U
    Motherboard
    83B9 56.50
    Memory
    8GB
    Graphics Card(s)
    Intel(R) UHD Graphics 620
    Sound Card
    Realtek High Definition Audio(SST)
    Screen Resolution
    1920 x 1080
    Hard Drives
    Toshiba 256GB SSD
    Internet Speed
    500Mbps
    Browser
    Firefox, Edge
    Antivirus
    Windows Defender
I have over 120 accounts in Bitwarden but only 6 accounts with 2FA in Authy. These are accounts with financial associations. My bank does not support MFA with a code but asks for passphrase in addition to the password. My tax account does the same thing but also requires a code provided from an automated telephone call (3FA).

The other Bitwarden entries are for forums, like this one, routers, IPTV etc., most that generally do not have or need MFA.
If you use the term 3FA, then the term so used is from a site's perspective:

1st FA is always a password. But with increased need of security, there is ...

2nd FA which is often SMS. But if that fails, there is a need for ...

3rd FA to still be able to access the site, don't use a site that provides 2nd FA but not 3rd FA.

From a user's perspective, 2nd and 3rd can be many different combinations of FAs, hence I used the term MFA, Multi FA.

You use Authy with 2 devices. swerd uses Ubikey that you can stick in any general purpose computer. I presently use 4 devices. but as per post #15 I plan to reduce to 2 devices with each device being able to cover all 1st-2nd-3rd FA combinations. The 2 devices are the 'Backup Devices for MFA' as per thread title.

(Sorry, when it comes to security, I don't use proprietary hardware/software, it has to be open-source security software, it's personal preference, YMMV)
 

My Computer

System One

  • OS
    Windows 10 Pro

Latest Support Threads

Back
Top Bottom