Forum Discussion

Farmer617's avatar
Farmer617
Newbie Caller
Hace 4 años

Why not Authy for 2FA???

When will T-Mobile support Authy for 2FA???

Google Authenticator is inherently insecure.

  • whist's avatar
    whist
    Roaming Rookie

    I thought you should be able to use any authenticator app.  I set mine up using a different app than Google Authenticator.

  • whist wrote:

    I thought you should be able to use any authenticator app.  I set mine up using a different app than Google Authenticator.

     

    @ T-Mobile, please consider alternative authenticator apps to Google's, such as "Aegis" and "Authy".

     

    (There might even more recommended alternatives out there if anyone else has suggestions.) 

  • I use Authy; absolutely, will NOT use Google Authenticator!

  • Thanks for the suggestion. We don't have any word we'll be using this authentication type right now. T-Mobile does make changes to benefit customers so if the decision's made that this is more beneficial, we might see this in the future.

  • Update: Good News

     

    Turns out that Authy (and all other 2FA apps) hacer work with T-Mobile. 

    Visita https://my.t-mobile.com/account/profile

    Scroll down to "Google Authenticator" and either enable/manage. Copy the code and paste it into a new entry at Authy (or any other alternative 2FA app).

     

    Confirming it works, I just signed in to these forums using an Authy-generated code. 😁👍

  • RicD's avatar
    RicD
    Network Novice

    Today, 2021-09-29, on the T-Mobile site I used all three authentication apps, Authy, Google, and Microsoft. All three worked. After you test an app make sure within the T-Mobile web site you turn it off then remove it. Now, you can test another authenticator app. 

    Reasons I prefer not using Google Authenticator:

    1. When you open the app it does not ask for a password. Both Authy and Microsoft ask for a login password.
    2. Google Authenticator app cannot be on two devices and sync. Neither can Microsoft.
    3. Google does not automatically backup your authentication data. On the device users can generate a QR code, it becomes your backup. On many Android phones for security reasons the QR code cannot be screen printed. A solution is using another device capture the screen, then print the QR code on paper. 
    4. With Google Authenticator app if you trade in or sell your phone, you must remove their app. Then on your new device, if you do not have the backup QR code thingy-bob, you will recreate all your sites all over again manually. UGH! Same applies if you break, lose, or your phone is stolen.
    5. Microsoft Authenticator does backup, sometimes. Go to settings find cloud backup turn it off, it deletes the backup. Immediately turn it on the app backups to OneDrive; yes Microsoft could do better. Now you have a real backup for restoring. Microsoft app is an excellent app, it just does not sync to other devices.
    6. Authy backs up. Thus if Authy is installed on your other devices it sync to those devices BAM!. At present I use Authy on Samsung Note 20, iPad and MacBook Pro. When my phone is not within reach I open Authy on one of those devices the login codes are available. 

    If you have the Google Authenticator app listed in T-Mobile, it must be removed from within their website. When removed you can add the authenticator of your choice. 

    Hope the above is useful.

    RicD

     

     

     

     

  • schwit's avatar
    schwit
    Newbie Caller

    The T-Mobile login says Google Authenticator but it actually uses the TOTP algorithm. There are many TOTP apps such as Authy and Aegis, and any of them can be used where Google Authenticator is specifically mentioned.

  • newUzer's avatar
    newUzer
    Network Novice

    It works with 1Password as well.  I used the QR code for Google Authenticator but in 1Password.