Summary

  • Authy is a 2FA app that recently suffered a data breach that exposed more than 33 million phone numbers.
  • An unsecured API endpoint allowed threat actors to collect linked numbers.
  • If you think your personal information might be among the 33 million leaked numbers, consider securing your accounts with 2FA and be wary of SMS phishing attacks.
  • @[email protected]
    link
    fedilink
    English
    8
    edit-2
    6 months ago

    Don’t use cloud based 2fa and you won’t need to wonder about this.

    Aegis is one of several opensource 2fa apps you can use instead.

    • Dog
      link
      English
      26 months ago

      Ok, but what happens if your phone gets stolen?

      • @[email protected]
        link
        fedilink
        English
        36 months ago

        The same as for anything else if your phone gets stolen. You restore from backups.

        Aegis allows you to make a backup that you can keep yourself on your computer, your own cloud storage etc.

        Every OS has some kind of built in vault/encryption feature. Put the file in there. It only needs to be updated when you add another 2fa account (so very infrequently)