Comments (8)
I have avoided implementing any sort of sync because of security concerns – both the token secrets existing on multiple devices, and also my own ability to write a secure syncing solution.
I'll give this more thought as I also look into backup and restore.
from authenticator.
Somewhat related to: #6
from authenticator.
Somewhat related, but I would consider backup and sync to be different enough for a separate topic/issue.
from authenticator.
Personally I don't store passwords in the keychain, so it would make sense for me to just have the tokens automatically synchronizing that way. But I may be the odd one out.
Wouldn't a simple solution be to just have a setting, perhaps even per token, of whether to store that item in a synchronized keychain or local?
from authenticator.
I like Authenticator because it adheres to the spirit of Multi-factor authentication which ties the factor to a physical object (my phone):
Multi-factor authentication (MFA) is a method of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence to an authentication mechanism - typically at least two of the following categories: knowledge (something they know); possession (something they have), and inherence (something they are).
With the way Authenticator works, to authenticate as me you must be in possession of my phone. That's it. And since I have Touch ID enabled immediately on device lock I have all three categories covered:
- My password (something I know)
- My finger (something I am)
- My phone (something I have)
I think syncing the secrets behind the authenticators fundamentally breaks this. If the secrets get into my iCloud keychain then you potentially no longer need to have my phone. At the moment I highly trust Apple's iCloud Keychain sharing but I still don't want to put my second factor secrets in there.
There are two UX problems to solve that I think syncing is the wrong solution to:
- Getting the generated code from the device with minimal user annoyance
- Migrating the secrets to a new device
Solutions to 2 should not use The Cloud™. Encrypted backups as they work now do this. A potential other solution is exporting a PGP encrypted file of the secrets that I can share with myself.
Solutions to 1 should treat the Authenticator app as a service that can send generated codes (not secrets) that require my physical presence with the device.
from authenticator.
Solutions to 2 should not use The Cloud™. Encrypted backups as they work now do this. A potential other solution is exporting a PGP encrypted file of the secrets that I can share with myself.
Aren't you being a bit black/white here? I understand that cloud options must be carefully thought about and should not be a default. However for my use case (which was to transfer from one device to another), I would definitely have "risked it", since I don't store anything else of importance in the Keychain.
"The Apple Way" of getting from one device to another are:
- Password protected iTunes backup or encrypted iCloud backup.
- Keychain item marked for iCloud sync (notice this can be done on an item-by-item level)
- Write/Read from iCloud Drive
Personally I have experience of supporting users with scenarios 1 and 3. Our app used to rely only on 1, and I can vouch that it is a big pain to explain to users under what scenarios their data is backed up. The little detail about password protected iTunes backups often eludes the user.
When we finally introduced 3, an explicit backup action that writes to iCloud drive, our life got so much easier.
I think Authenticator should give the user a choice, like an explicit backup action, or keychain sync.
from authenticator.
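The per-item keychain sync choice mentioned above (option 2 in "The Apple Way", and the earlier suggestion of a per-token setting) can be expressed directly with the Security framework's `kSecAttrSynchronizable` attribute. The following Swift helper is an added example, not Authenticator's own code; the `TokenStore` type, the service name and the function names are assumptions for illustration. It defaults to local-only storage and only marks an item synchronizable when the caller explicitly opts in for that token.

```swift
import Foundation
import Security

/// Hypothetical helper (added example, not Authenticator's code) that keeps one
/// OTP secret per keychain item and lets the caller decide, per token, whether
/// that item may leave the device through iCloud Keychain.
enum TokenStore {
    /// Assumed service identifier used to namespace this app's items.
    static let service = "example.authenticator.tokens"

    /// Stores `secret` for `account`. `syncToiCloud` defaults to false so that
    /// the secure choice (device-bound secret) is the one you get by accident.
    @discardableResult
    static func save(secret: Data, account: String, syncToiCloud: Bool = false) -> OSStatus {
        // Local-only items use a ThisDeviceOnly accessibility class, which ties
        // the item to this device's hardware keys and excludes it from iCloud
        // Keychain. A synced item cannot use a ThisDeviceOnly class, so the
        // accessibility must change together with the sync flag.
        let accessible: CFString = syncToiCloud
            ? kSecAttrAccessibleWhenUnlocked
            : kSecAttrAccessibleWhenUnlockedThisDeviceOnly

        // Remove any existing copy (synced or not) so the sync flag can be
        // changed rather than silently leaving two copies behind.
        let deleteQuery: [String: Any] = [
            kSecClass as String: kSecClassGenericPassword,
            kSecAttrService as String: service,
            kSecAttrAccount as String: account,
            kSecAttrSynchronizable as String: kSecAttrSynchronizableAny,
        ]
        SecItemDelete(deleteQuery as CFDictionary)

        let addQuery: [String: Any] = [
            kSecClass as String: kSecClassGenericPassword,
            kSecAttrService as String: service,
            kSecAttrAccount as String: account,
            kSecValueData as String: secret,
            kSecAttrAccessible as String: accessible,
            kSecAttrSynchronizable as String: syncToiCloud ? kCFBooleanTrue! : kCFBooleanFalse!,
        ]
        return SecItemAdd(addQuery as CFDictionary, nil)
    }

    /// Reads the secret for `account`, matching both local and synced items.
    static func load(account: String) -> Data? {
        let query: [String: Any] = [
            kSecClass as String: kSecClassGenericPassword,
            kSecAttrService as String: service,
            kSecAttrAccount as String: account,
            kSecAttrSynchronizable as String: kSecAttrSynchronizableAny,
            kSecReturnData as String: true,
            kSecMatchLimit as String: kSecMatchLimitOne,
        ]
        var result: CFTypeRef?
        let status = SecItemCopyMatching(query as CFDictionary, &result)
        guard status == errSecSuccess else { return nil }
        return result as? Data
    }
}

// Constructed sample usage: a base32-decoded secret would normally come from
// the provisioning URI; here it is a placeholder byte string.
let placeholderSecret = Data([0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08])
TokenStore.save(secret: placeholderSecret, account: "user@example.com")                  // stays on this device
TokenStore.save(secret: placeholderSecret, account: "sync@example.com", syncToiCloud: true) // opted into iCloud Keychain
```

The design point is that the two attributes move together: a "keep on this device" toggle in the UI maps to `syncToiCloud: false`, which selects a ThisDeviceOnly accessibility class, so the secret cannot be pulled into iCloud Keychain even by a later settings change unless the item is rewritten. Reading back with `kSecAttrSynchronizableAny` means a token's display code keeps working regardless of which choice the user made for it.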
I've switched to using 1Password for my one-time passwords. I've been a long-time user, and didn't know they supported this. This gives me the sync I want across my devices, with some extra security.
I understand that 2-Factor when used in this fashion isn't really 2-Factor, but rather 2-Step. But it also isn't 2-Factor if you store your passwords on the same phone as your authentication app, as I do anyway in 1Password. My 1Password on my phone is protected by my fingerprint, and every 24 hours requires my full master password.
What 2-step gives me is protection from typing passwords into untrusted machines, protection from network snooping, and protection from shoulder-surfing. If someone gets one of my passwords, unless they can also get into my synced 1Password (less likely than just getting a site password, but not impossible) I am still safe. Or at least I have longer to reset everything.
from authenticator.
I think Authenticator should give the user a choice, like an explicit backup action, or keychain sync.
I was being too black and white I suppose. I like the idea of Authenticator being opinionated about security and keeping my secrets on my device and letting me choose about how severe I want to be about security while being as secure as possible by default.
from authenticator.