STOP Using Google Authenticator❗(here's why + secure 2FA alternatives) - YouTube

Channel: All Things Secured

[0]
- Seriously, I stopped using Google authenticator
[2]
and I think you should too.
[4]
Here's why.
[4]
(ambient music)
[6]
By this point, you already know
[7]
that 2-factor authentication is the best way
[10]
for the average person to secure their online accounts.
[12]
For the past few years, Google has positioned itself
[14]
as the standard for this kind of security authentication
[17]
and up until recently, I've been a faithful user
[20]
of the Google Authenticator app, but no more.
[22]
I am seriously fed up.
[24]
The Google app has now been deleted from my phone.
[27]
Sorry. That's not entirely true.
[29]
I've kept it on my phone while I'm doing this video
[31]
but once this video goes live
[33]
the app will be deleted forever from my devices.
[35]
What's absolutely crazy, is mind-boggling,
[38]
is that the reason I'm deleting Google Authenticator
[41]
is because it's not secure.
[43]
It's a security app that's unbelievably insecure.
[46]
There are two important reasons for this,
[48]
first, Google Authenticator does not allow you
[50]
to lock the app.
[52]
Let's take your banking app as an example.
[54]
If somebody has access to your phone
[56]
that doesn't mean they can automatically log on
[58]
to your bank account,
[58]
they still need your password in order to do so.
[61]
But that's not the case with Google Authenticator.
[62]
Anybody who has access to your phone
[64]
or is able to hack their way into that
[66]
first six-digit passcode
[67]
is gonna have full access to all of your 2FA keys
[70]
without any additional passcode to get into that app.
[73]
And that is not a secure way to do it.
[76]
Secondly, and probably equally importantly
[78]
Google Authenticator does not allow for any kind of backup
[81]
of all of these security codes.
[83]
That means that if you lose your device
[85]
or if it gets stolen,
[85]
or if you just lose access to Google Authenticator
[87]
while you're switching phones and something like that
[91]
you've just lost access to all of your online accounts.
[94]
Now, unless you've kept all of your backup codes
[96]
when you first set up your 2FA accounts
[98]
which, let's be honest,
[100]
a lot of us haven't done that very well,
[102]
Google has no backup of this file
[104]
that you can now upload and reuse
[106]
and so it is very, very dangerous.
[108]
It's putting all of your eggs in one basket.
[110]
So what are the alternatives?
[112]
Well, there are three primary alternatives that I recommend.
[114]
There's plenty more out there
[115]
but these are the three that I really like.
[117]
And I'm gonna share them with you one by one here.
[119]
(zapping)
[121]
You'll notice as I open the Authy app
[123]
that I have to enter a pin code
[125]
in order to get access to my 2FA keys.
[127]
And this is an important security feature
[129]
that you'll find with Authy, with Microsoft Authenticator
[131]
and even with 1Password,
[132]
the three apps that I'm gonna share with you right now.
[135]
And that means that even if somebody has access
[138]
to your phone and it's unlocked,
[140]
that doesn't mean they're automatically
[142]
gonna have access to your 2FA keys
[143]
and that's something that Google Authenticator
[145]
doesn't have and it should.
[147]
And once I get in here,
[149]
Authy and others have multi-device support,
[152]
which means that you can have this downloaded
[154]
and all your 2FA keys synced between different devices,
[157]
including your desktop.
[159]
So I've downloaded the desktop app for Authy
[162]
and here you can see that I've already synced
[164]
all of the different 2FA tokens.
[166]
And now, instead of having to pull out my phone
[168]
whenever I need to get a 2FA key
[170]
and I'm on my laptop or my desktop,
[172]
I can open up the app here instead.
[175]
And that's a convenience factor.
[177]
Maybe it's not quite as secure
[179]
to have that syncing happening between devices
[181]
so that's entirely up to you,
[182]
whether you want to. You can turn off
[184]
multi-device support if you'd like.
[186]
On Authy, that happens within the security settings
[189]
but I do like that you can sync up
[191]
and it's an encrypted file
[193]
and that way, if you do have your phone lost or stolen
[196]
you can now download that synced file
[197]
and you still have all your 2FA keys.
[199]
You don't have to go through that recovery process.
[203]
The app is passcode protected,
[204]
and it's just a beautiful design.
[206]
I like how they use the logos
[209]
of all the different logins that I'm gonna use
[210]
instead of having to scroll through in Google Authenticator
[213]
like you saw earlier.
[214]
(zapping)
[216]
If I'm opening up Microsoft Authenticator,
[218]
it's pretty much the exact same thing
[220]
where I can use my Face ID,
[222]
Authy's the same way: you can use any type of biometric data
[225]
that your device allows for in order to unlock
[228]
the app itself
[230]
and then you can look in, get your codes,
[232]
copy those codes if you want.
[234]
Within the Microsoft Authenticator
[237]
if you go into the settings here you'll find that
[239]
they do allow for iCloud Backup.
[241]
So perhaps you don't want to use Authy's backup.
[245]
Maybe you don't trust them for some reason
[246]
and I completely understand,
[248]
well, you can use the iCloud Backup
[250]
on Microsoft Authenticator
[252]
to make sure that you are backing up an encrypted file
[254]
of all your 2FA keys to your iCloud account.
[257]
So it's not going to Microsoft, it's not going to Authy
[259]
it's your iCloud account.
[262]
Now, Microsoft Authenticator, in order to use that feature
[265]
in order to use the auto-fill feature or anything like that
[268]
you have to actually create
[270]
or you have to have a Microsoft account.
[273]
That's a little annoying to me.
[274]
It's not that big of a deal; you can just create an account
[277]
for Microsoft through the app,
[279]
and then use that to take advantage
[281]
of the different features.
[282]
That's something that Authy doesn't require.
[284]
However, Authy does require that you use your phone number
[288]
to register your device.
[289]
And so there's, again
[291]
a little bit of that security feature there
[293]
where you're getting your phone number attached
[294]
to your 2FA keys,
[296]
and yeah, it's kinda up to you how you wanna deal with that.
[300]
(zapping)
[302]
The final one that I like
[303]
and the one that I use most often is 1Password.
[306]
Now this isn't a pay.
[307]
This is the only one of the three that I'm sharing with you
[309]
that is a paid premium option but I already use 1Password
[313]
for my passwords, for creating passwords, storing passwords
[317]
and auto-filling them on all of my devices.
[320]
So this is just an added bonus
[322]
where I can scan in any of the 2FA codes
[325]
and now it's part of my password encrypted vault.
[329]
Now, of course, again,
[330]
there are security risks involved in that
[332]
because I'm putting all my eggs in one basket.
[334]
There are some people that would prefer to do
[336]
their passwords with one
[337]
and their 2FA codes with another app.
[340]
But I don't mind doing it with my password manager 1Password
[344]
because they do just make it very simple.
[345]
They actually copy and paste.
[346]
And when I'm using my desktop,
[348]
you can notice that they automatically fill in
[351]
that one-time code if it's one of my logins
[354]
that asks for the one-time code for 2FA,
[358]
and that's again, really convenient.
[360]
I like that it gets synced between
[362]
all of my different devices and it makes it really easy.
[365]
So Authy, Microsoft Authenticator and 1Password
[368]
are excellent alternatives to Google Authenticator
[372]
that are much more secure.
[373]
They're much easier to use
[375]
and frankly they're much more beautifully designed apps
[378]
in the end.
[378]
So that's what I recommend.
[380]
Go ahead and start making that switch
[382]
because the last thing you want is to get caught
[384]
with your Google Authenticator app
[386]
and your phone being stolen or lost
[388]
or somehow losing that data because it's not synced up
[391]
and you don't have an easy way to recover any of those codes
[395]
and that is a terrible position to be in.
[397]
I definitely don't wanna find you there.
[399]
If this video has been helpful, give it a thumbs up.
[402]
Thank you for watching.
[402]
If you have questions,
[403]
I try to answer all of those in the comments below
[405]
and as always subscribe to this
[407]
All Things Secured YouTube channel
[409]
for more great tips and tricks
[411]
related to your online security.