Thursday, August 18, 2022
LetsAskBinu.com
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things
No Result
View All Result
LetsAskBinu.com
No Result
View All Result
Home Cybersecurity

How to use Authy: A guide for beginners

Researcher by Researcher
August 5, 2022
in Cybersecurity
0
How to use Authy: A guide for beginners
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


2FA increases the security of your account, Two-Factor Authentication digital screen displaying a 2fa concept, Privacy protect data and cybersecurity.
Image: David/Adobe Stock

It’s becoming more common for users to enable two-factor authorization when accessing their various accounts on the internet. The addition of 2FA over a simple password provides an increased layer of security and protection from hacking and phishing attacks.

Must-read security coverage

The popular Authy app has become the choice for many when handling their 2FA authentication. Below we’ll look at how to use Authy and get it up and running quickly to provide your accounts with an extra layer of security.

Using the Authy mobile app and desktop version

Authy works on both mobile and desktop with the ability to sync your various devices together. This means that once synced, you can use either the mobile version or your desktop when logging into any site that requires 2FA.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

To begin, install the mobile version. To do this, go to the iOS App Store or Google Play Store and download Authy as you would with any other app. Make sure to download the official version by Twilio.

Once downloaded, launch the app and you will be greeted by the main setup screen. This screen will ask you for your country code and phone number (Figure A).

Figure A

Enter your mobile number.

Enter the phone number for your device, then confirm. At this point, Authy will then need to verify your phone number by either sending a text message or an automated call. Once you receive the confirmation via SMS or voice call, enter it into the field provided.

Authy is now installed on your phone and you are ready to start adding accounts for 2FA authentication.

Setting up your accounts to use Authy for 2FA

Now you will want to start adding specific login accounts that you want protected by Authy. This process will vary slightly between different platforms and websites, but ultimately it’s the same across all sites.

In this example, we will be using GitHub, but almost any web account works the exact same way.

In GitHub — or whatever account you choose to protect — go to the Settings area for your account (Figure B). This is usually accessed via clicking on your account name or the three horizontal lines indicating a menu drop-down.

Figure B

Select Settings from your account profile

From there, click on Passwords and Authentication (Figure C). In some menus, this option will be called Security.

Figure C

Select the Password and Authentication option.

On the next page, select Enable Two-Factor Authentication (Figure D).

Figure D

Enable two-factor authentication.

At this point, most sites will ask if you want to use an app such as Authy or use SMS (Figure E). In this case, we will select Authy.

Figure E

Choose the app option.

You will then be presented with a QR code (Figure F). This is the code you will scan from the Authy mobile app to link the two applications.

Figure F

QR Code for syncing.

Return to the Authy mobile app. If this is a new install, the app will only display a + icon. Click this to add a new account. Otherwise, click the top right menu and select Add Account (Figure G).

Figure G

Select the + sign or Add Account from the menu.

The app will then tell you it’s ready to scan the QR code. Click the blue bar that reads Scan QR Code (Figure H).

Figure H

Click Scan QR Code.

Then simply use your phone’s camera to scan the QR code on the screen. Authy will recognize the QR code and present you with a six-digit PIN code to enter into the website (Figure I).

Figure I

Enter the code from the Authy app into the website.

Enter this code and you have completed the process of enabling two-factor authentication with Authy. Whenever you log in to that account, you will be required to enter the six-digit PIN provided by Authy.

This is a constantly changing PIN and resets every 15 seconds. The next time you log in, you will need to enter the new PIN provided by Authy before the code resets. If it resets before you log in, just use the next code presented by the Authy app. Never share this PIN with anyone.

Using Authy on desktop and syncing devices

Now that Authy is set up on your phone, you’ll want to add your desktop computer so that you can log into sites without the need to always have your phone handy.

Begin by clicking the top right corner in the mobile app and clicking Settings. You will then want to click Enable Multiple Devices (Figure J).

Figure J

Turn on Enable Multiple Devices.

Once done, go to the Authy website on your desktop browser and click the download link at the top of the page. Then select your operating system — either macOS or Windows. Once downloaded, you will install the program as you do with any other application on your computer.

Authy will then load after being installed and the screen will be virtually identical to the mobile version you just installed earlier.

At the first screen, once again enter your phone number. Make sure it’s the same one you used to set up the mobile Authy app (Figure K).

Figure K

Enter your number for Authy desktop.

Once entered, the Authy app on your phone will be notified and alert you that a new device wants to be synced to the account (Figure L).

Figure L

Accept your new device.

You will be asked to confirm this sync by manually typing OK.  Do this and then you will receive a confirmation page. The process is now complete and your desktop Authy is synced with your mobile version.

All accounts added with one device will be instantly shared across all devices you add.

Remember to enable backups for Authy

There is another crucial step when using Authy that is sometimes not enabled by default. This is to enable a backup password. This is one of the most important steps, because if your phone or device is lost or damaged, there will be no other way to retrieve your accounts other than using this password.

To enable this feature, go to the top right corner of the mobile app and select Settings. From there, click on Enable Backups (Figure M).

Figure M

Enable Backups.

Note: On some new Authy installs, the prompt to enable password backups may appear when attempting to add your first website account. In this case, simply create your password at that time.

This password is very important, so make sure to write it down, verify it’s correct and then store it in a safe place. There is no way to retrieve or recover this password. So if you lose it or forget it and your devices become inoperable, you will be unable to gain access to your website login accounts.

Once you have your backup password set up, that’s everything there is to using Authy. If you add new accounts or devices in the future, the process will be exactly like the previous examples outlined in this guide.



Source link

Related articles

Spring Framework Flaw Exploited in Mirai Malware Attacks

CISA Warns of Ongoing Exploitation Against Zimbra Flaws

August 18, 2022
High-Severity Flaw in Argo CD is Information Leak Risk

Apple Patches New macOS, iOS Zero-Days

August 18, 2022
Tags: AuthybeginnersGuide
Share76Tweet47

Related Posts

Spring Framework Flaw Exploited in Mirai Malware Attacks

CISA Warns of Ongoing Exploitation Against Zimbra Flaws

August 18, 2022
0

Attackers are exploiting multiple, previously disclosed flaws that impact Zimbra’s enterprise collaboration software and email platform, warned the Cybersecurity and...

High-Severity Flaw in Argo CD is Information Leak Risk

Apple Patches New macOS, iOS Zero-Days

August 18, 2022
0

Apple on Wednesday rolled out emergency patches for a pair of already exploited zero-day vulnerabilities in its flagship macOS and...

Seaborgium targets sensitive industries in several countries

Seaborgium targets sensitive industries in several countries

August 17, 2022
0

Image: Adobe Stock New research from Microsoft Threat Intelligence Center (MSTIC) sheds light on a cyberespionage threat actor known as...

DEF CON – “don’t worry, the elections are safe” edition

DEF CON – “don’t worry, the elections are safe” edition

August 17, 2022
0

Don’t worry, elections are safe. Our Security Researcher Cameron Camp provide us highlights from the DEF CON 30 conference. Scattered...

Azure Developers Targeted By Malicious NPM Packages

RubyGems Requires MFA for Popular Projects

August 17, 2022
0

RubyGems, the popular community site for hosting Ruby projects, is now requiring the maintainers of the most popular projects to...

Load More
  • Trending
  • Comments
  • Latest
Brave browser’s Tor mode exposed users’ dark web activity

Brave browser’s Tor mode exposed users’ dark web activity

February 18, 2022
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 15/03

March 15, 2022
QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

March 15, 2022
A first look at threat intelligence and threat hunting tools

A first look at threat intelligence and threat hunting tools

March 15, 2022
Beware! Facebook accounts being hijacked via Messenger prize phishing chats

Beware! Facebook accounts being hijacked via Messenger prize phishing chats

0
Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

0
Remote work causing security issues for system and IT administrators

Remote work causing security issues for system and IT administrators

0
Elementor WordPress plugin has a gaping security hole – update now – Naked Security

Elementor WordPress plugin has a gaping security hole – update now – Naked Security

0
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 18/08

August 18, 2022
Spring Framework Flaw Exploited in Mirai Malware Attacks

CISA Warns of Ongoing Exploitation Against Zimbra Flaws

August 18, 2022
High-Severity Flaw in Argo CD is Information Leak Risk

Apple Patches New macOS, iOS Zero-Days

August 18, 2022
How Can Crypto and CBDCs Help Communities?

How Can Crypto and CBDCs Help Communities?

August 18, 2022

Recent Posts

This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 18/08

August 18, 2022
Spring Framework Flaw Exploited in Mirai Malware Attacks

CISA Warns of Ongoing Exploitation Against Zimbra Flaws

August 18, 2022
High-Severity Flaw in Argo CD is Information Leak Risk

Apple Patches New macOS, iOS Zero-Days

August 18, 2022

Categories

  • Cyber Threats
  • Cybersecurity
  • Fintech
  • Hacking
  • Internet Of Things
  • Malware
  • Networking
  • Protection

Tags

Access Android attack Attacks banking BiWeekly breach bug Cisco critical Cyber Cybersecurity Data devices Digital financial Finds Fintech Flaw flaws Google Group Hackers Krebs Latest malware Microsoft million Network News open patches Payments phishing platform Ransomware RoundUp security Software TFT Threat vulnerability warns Week Windows

© 2022 Lets Ask Binu All Rights Reserved

No Result
View All Result
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things

© 2022 Lets Ask Binu All Rights Reserved