aboutsummaryrefslogtreecommitdiff
path: root/source/blog
diff options
context:
space:
mode:
Diffstat (limited to 'source/blog')
-rw-r--r--source/blog/2015-05-29-apples-customer-service-is-still-the-best-plus-an-authy-horror-story.md4
1 files changed, 2 insertions, 2 deletions
diff --git a/source/blog/2015-05-29-apples-customer-service-is-still-the-best-plus-an-authy-horror-story.md b/source/blog/2015-05-29-apples-customer-service-is-still-the-best-plus-an-authy-horror-story.md
index c9b3b6b1..9873eccc 100644
--- a/source/blog/2015-05-29-apples-customer-service-is-still-the-best-plus-an-authy-horror-story.md
+++ b/source/blog/2015-05-29-apples-customer-service-is-still-the-best-plus-an-authy-horror-story.md
@@ -13,12 +13,12 @@ This is *the* customer service we should receive everywhere. Unfortunately, Appl
---
-By the way, my only gripe during the process wasn't with Apple; it's about setting up Authy on the new phone. I verified my phone number via SMS and signed into Authy. I entered my backup password, which must be correct since it came straight off 1Password. My Authenticator accounts were displayed (I didn't verify if they would produce TOTPs) but a weird error message along the line of "data is corrupted" was shown to me, asking me to verify my phone for a second time. Unsuspecting, I asked Authy to send me another SMS, and entered the code I got. Then boom! All of a sudden *all my Authenticator accounts were gone*, leaving me with merely an Authy dev and a Coinbase account, which were the only ones using Authy's native auth system. My heart almost sank for a second; I could foresee the hours that would go down the drain, recovering (dozens of) accounts and regenerating new keys for two-factor auth.
+By the way, my only gripe during the process wasn't with Apple; it's about setting up Authy on the new phone. I verified my phone number via SMS and signed into Authy. I entered my backup password, which must be correct since it came straight off 1Password. My Authenticator accounts were displayed (I didn't verify if they would produce TOTPs) but a weird error message along the line of "data is corrupted" was shown to me, asking me to verify my phone for a second time. Unsuspecting, I asked Authy to send me another SMS, and entered the code I got. Then boom! All of a sudden *all my Authenticator accounts were gone*, leaving me with merely an Authy dev and a Coinbase account, which were the only ones that use Authy's native auth system. My heart almost sank for a second; I could almost foresee hours going down the drain, recovering (dozens of) accounts and regenerating new keys for two-factor auth.
That was before I immediately realized that all my secret keys were safe and sound in 1Password's database. In the past few months, AgileBits implemented TOTP support in both the iOS and OS X versions of 1Password. The day [OS X support came into stable 5.3](https://blog.agilebits.com/2015/04/06/1password-5-3-for-mac-the-bionic-edition-is-out/), I exported all my Authenticator secret keys from Authy to 1Password (with help from [this blog post](https://www.pommepause.com/2014/10/how-to-extract-your-totp-secrets-from-authy/)[^blog-post]). At that time I didn't expect 1Password would save my day later. Overall, the $50 (OS X) plus $17 (iOS) I spent on 1Password was my most worthwhile spend on software, ever.
[^blog-post]: The first comment below that post is mine.
-The lesson to learn from my Authy horror story is that one should export and backup Authenticator secret keys from Authy before it's too late. Moreover, this one shitty experience with Authy is enough to keep me away from it for the ages to come, expect for services that are Authy-specific, e.g., Coinbase[^bitcoin]. 1Password is the way to go, and with the addition of TOTP, it is one more step towards a truly one password experience. If you don't own 1Password yet, you should really get it, now.
+The lesson to learn from my Authy horror story is that one should export and backup Authenticator secret keys from Authy before it's too late. Moreover, this one shitty experience with Authy is enough to keep me away from it for the ages to come, except for services that are Authy-specific, e.g., Coinbase[^bitcoin]. 1Password is the way to go, and with the addition of TOTP, it is one more step towards a truly one password experience. If you don't own 1Password yet, you should really get it, now.
[^bitcoin]: I have a Coinbase account and probably around 0.01 BTC in my wallet, but I don't really use bitcoins. At the time I signed up for two-factor auth on Coinbase, Authy seemed to be only supported system; however, I just signed in again and it seems that Coinbase is now supporting Authenticator also. Whatever the case, Authy is practically dead for me.