Jun 20 2022 02:50 AM - edited Jun 20 2022 03:04 AM
I really enjoy using the authenticator app, but I'm worrying about my phone getting stolen and losing access to all of the accounts associated with it.
I see there is a cloud backup feature, but I have issues with it: (1) if it requires a strong login, that's an issue when my phone is stolen, because I also can't receive text messages anymore, or (2) if it doesn't require a strong login, that's also an issue, because anyone with my personal email + password could recover my MS authenticator data too.
To me it seems like the cloud backup feature was intended for moving the account between phones, not as actual backup.
To get an actual backup, I would like to be able to manually export the app data* to a file (possibly with password encryption), so that that file can then be imported by another phone in the event of phone theft. I can then put my pw (or an unencrypted backup file) in my locally stored password manager, and safely allow my phone to get stolen ;)
* everything required to generate the one-time tokens including private keys. So not a token that gives access to cloud storage.
Jun 21 2022 04:46 AM - edited Jun 22 2022 02:53 AM
I think that would be a poor solution to the problem.
Compare how the Google Authenticator accounts migration implementation works. It's a simple and slick 2 step process. I was done in under 10 seconds!
Why request an archaic solution to this problem?
Jun 21 2022 05:24 AM
How does the google authenticator immigration implementation solve this problem? I'm not familiar with it, and from what I can find online, there are many different overlapping features on this topic.
Maybe there's a better solution, but I just don't know about it!
Jun 21 2022 05:56 AM
Jun 21 2022 06:00 AM
Jun 21 2022 07:22 AM
Jun 21 2022 10:22 AM
Jun 22 2022 02:57 AM