mattrubin / Authenticator

Two-Factor Authentication Client for iOS
https://mattrubin.me/authenticator

Feature request: Encrypted backups #261

Open davidbloom opened 6 years ago

davidbloom commented 6 years ago

It would be great if Authenticator allowed users to export a password-encrypted archive of their 2FA keys, and to import such archive files generated on another device (assuming the user knows the password used to generate the archive).

Like an iTunes Encrypted Backup of the whole device, this would require the user to specify a password that is used to encrypt the backup file.

This way users have an alternative to iTunes Encrypted Backup for moving their tokens to a new device. It's particularly useful if someone wants to "start fresh" on a new iPhone, without having to re-enroll 2 factor authentication for all of their services.

I understand that by design, Authenticator is designed to not sync or back up the keys because it undermines the security of 2 factor authentication. Providing a means to archive and restore the keys in a way that does not provide more capability than iTunes Encrypted Backup seems like a good way to do that without too much compromise.

ghost commented 5 years ago

Agreed, this could even be a premium feature.

ei8fdb commented 5 years ago

"Recovery of deleted/lost tokens" (#281, #242, #225) would be a good goal to help the user achieve.

I use andOTP (open source Android 2FA app) for this reason.

The way it solves this is:

Having had horrible experiences in trying to recover access when 2FA apps die, I'd give this 👍.

robin-moser commented 5 years ago

Any updates on this one?

Unfortunately, I don't have any experience in Swift, so it's likely not possible for me to work on such a feature. But an encrypted backup would make the restoring of keys much simpler.

jrothlis commented 5 years ago

I'm slowly moving all my 2FA tokens off Authenticator as it has just become a massive single point of failure. If I had to replace my phone the pain of replacing every one of those tokens would be enormous and very stressful. Not having an encrypted backup maybe made sense when very few websites supported it, but I have dozens of tokens now, and it's just too many eggs in one basket!