Separate names with a comma.
Discussion in 'iOS 8' started by amro, Oct 15, 2014.
Get code via text or app? Any opinion?
I just get it via sms. Doesn't take more than 5 seconds or so to get.
If you use a number, you get a text message. If you use a device, it's shows as a pop up on screen. If the device is locked with a code, then you have to unlock to view.
When you go to use it, you have the choice. Sign up for both and you'll have more options when it's needed.
Yeah I did phone and multiple devices just in case. The more you have the less likely you'll lose the ability to reset it—unless you store the handwritten master code in a safety deposit box or something.
Ok, thanks for the feedback.
Dropbox give you a choice of either or. It looks like there is no advantage of one over the other.
Personally, I feel sending the code via SMS isn't all that secure. Unless you turn off "Show Previews" in Messages Options, the code will be displayed on your lock screen even with the phone locked. So if you loose your phone, 2 factor authentication becomes completely useless.
Very good point. Did not think about losing the phone.
SMS relies on cellular reception too, which is sometimes an issue.
I like the 2FA though, very good.
I'd always suggest getting a text. It can be slow to come through sometimes if your signal isn't great but some other systems require Google Authenticator which is an absolute pain to get the six digit code from within the app then enter in with enough time to spare.
Get SMS, Two Step is great with it. Incredibly secure.
As others have mentioned, I've got multiple options setup for Apple 2FA and the recovery key saved and encrypted in various cloud services and password managers.
For other services, using Authy for one-time use key generation: Google, Facebook, Dropbox, and which ever other services come along and supports time tokens. App for iOS devices and Chrome extension/app to desktop access.
Try an alternative code generator. OTP Auth can show the codes in the notification center in iOS 8 via a widget. In the latest release it can even insert the codes directly within Safari via an action extension.
Personally, I much prefer offline code generators because I don't always have good cellular connectivity while traveling, or there are expensive roaming fees for SMS. Unfortunately Apple's 2-factor authentication for iCloud does not support offline codes.
Update to this. With continuity in ios8, someone could steal your MB or ipad, have the code sent SMS, which shows up on their new screen:
Beware two-factor authentication using Yosemite's SMS forwarding
Better to rely 100% on device identify I'd say
Ummm, doesn't the Mac and iPad have to be on the same wi-fi as the iPhone? So, not really an issue if the thief is still sitting in your home or at the same coffee shop.
And in the case of Apple's 2FA, if you choose to send the code to a trusted device, instead of a phone number, and the device has a passcode, you have to unlock the device first to see the code.
Not really. You would have to lose the device you want to authenticate AND the phone that receives the SMS authentication code. If you're going to do that, you might as well leave your house keys under the door mat while you're at it!
You are given the choice of which device you want to send the message to, at the time when you are being authenticated. If you'd lost your phone, you obviously wouldn't choose to send your authentication code to that device.
Personally, I generally choose iMessage delivery. If you happen to be in an area of poor reception, you might not get an SMS code for some time. But if your iDevice has WiFi available, you'll get the code delivered almost instantaneously.