ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Apple 2FA

    Scheduled Pinned Locked Moved IT Discussion
    apple2faauthentication
    29 Posts 7 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • pmonchoP
      pmoncho @JaredBusch
      last edited by

      @JaredBusch said in Apple 2FA:

      @pmoncho said in Apple 2FA:

      @JaredBusch said in Apple 2FA:

      @Dashrender said in Apple 2FA:

      @pmoncho said in Apple 2FA:

      @Dashrender said in Apple 2FA:

      @pmoncho said in Apple 2FA:

      @JaredBusch said in Apple 2FA:

      @pmoncho said in Apple 2FA:

      Working on our potential WFH plan, I plan on having my users use 2FA to access our SSL-VPN. I won't have an issue with Android and Windows but I have no clue how to help those with iPhones as I have not used or played with one.

      I use Authy myself and a few others use Google Authenticator. Did some searching and Apple has 2FA in the OS but states it is only for Apple devices.

      So what do individuals use for 2FA for work or other sites? Just use MS Authenticator and Google Authenticator?

      Umm, what would apple's built in 2fa have to do with your third party websit 2fa?

      The fact that Apple does not have their own Authenticator app in the app store like Google and MS do. Plus, what Apple does have, only works with Apple products. Hopefully this knowledge will save time for someone is in the same situation.

      Other than that, nothing.

      Well sure - Since apple owns it's world from soup to nutz they can bake their own MFA in, none of the other platforms do - so they have to to provide add-on apps.

      Yeah, I totally understand why they do what they do. Just didn't realize they wouldn't have an app for their users. Oh well, moving on...

      Since apple controls the whole thing, they don't need to do what others do - so a separate app isn't necessary for them.

      Would you just stop. This has nothing to do with actual 2FA as he is attempting to implement. Do not conflate things.

      So, then are you saying that the 2FA that is internal to Apple OS, is totally different concept than the 2FA the Google/MS app provides?

      I do understand the the implementation may be different but is the concept different?
      If so, then I definitely am missing something.

      Yes, you are missing something. It is not OTP 2FA as you are discussing.

      Ok Thanks, that make much more sense. Will worry more about Apple if I ever get one.

      1 Reply Last reply Reply Quote 0
      • pmonchoP
        pmoncho @JaredBusch
        last edited by pmoncho

        @JaredBusch said in Apple 2FA:

        Authy has long been a better solution to use. but recent news means GA is just bad.
        https://lifehacker.com/switch-from-google-authenticator-to-a-more-secure-2fa-a-1842212483

        Good to know. Authy it is.

        1 Reply Last reply Reply Quote 0
        • brianlittlejohnB
          brianlittlejohn
          last edited by

          FreeOTP Authenticator from Redhat is another option.

          1 Reply Last reply Reply Quote 1
          • black3dynamiteB
            black3dynamite
            last edited by

            Authy is my first choice.

            • The encrypted backups for your accounts.
            • Allow approval from notifications. But it's disabled if you enable Authy protection PIN.
            • For security of the app, you can enable App protection, touch id protection, and protect the entire app.
            • Another nice addition is there Authy Desktop app (macOS, Windows and Linux via Snap) and Authy app for Chrome.
            DashrenderD JaredBuschJ 2 Replies Last reply Reply Quote 3
            • DashrenderD
              Dashrender @JaredBusch
              last edited by

              @JaredBusch said in Apple 2FA:

              Authy has long been a better solution to use. but recent news means GA is just bad.
              https://lifehacker.com/switch-from-google-authenticator-to-a-more-secure-2fa-a-1842212483

              if you have malware on your device, I'm not sure this is really what I'm worried about. Sure it's not great, but it could definitely be worse.

              1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender @black3dynamite
                last edited by

                @black3dynamite said in Apple 2FA:

                • Allow approval from notifications.

                Which services support this with Authy?

                black3dynamiteB JaredBuschJ 2 Replies Last reply Reply Quote 0
                • black3dynamiteB
                  black3dynamite @Dashrender
                  last edited by

                  @Dashrender said in Apple 2FA:

                  @black3dynamite said in Apple 2FA:

                  • Allow approval from notifications.

                  Which services support this with Authy?

                  I haven't bother looking into it because I use the app that is provided for that service.

                  1 Reply Last reply Reply Quote 0
                  • JaredBuschJ
                    JaredBusch @Dashrender
                    last edited by JaredBusch

                    @Dashrender said in Apple 2FA:

                    @black3dynamite said in Apple 2FA:

                    • Allow approval from notifications.

                    Which services support this with Authy?

                    FFS we had this conversation within the last 14 days

                    everything does. because these are all built to standards.

                    1 Reply Last reply Reply Quote 1
                    • JaredBuschJ
                      JaredBusch @black3dynamite
                      last edited by

                      @black3dynamite said in Apple 2FA:

                      Allow approval from notifications. But it's disabled if you enable Authy protection PIN.

                      @Dashrender read the entire fucking line....

                      The app supports it unless you proctect it in the first place. which you should..

                      It has nothing to do with the service.

                      DashrenderD 1 Reply Last reply Reply Quote 0
                      • DashrenderD
                        Dashrender @JaredBusch
                        last edited by

                        @JaredBusch said in Apple 2FA:

                        @black3dynamite said in Apple 2FA:

                        Allow approval from notifications. But it's disabled if you enable Authy protection PIN.

                        @Dashrender read the entire fucking line....

                        The app supports it unless you proctect it in the first place. which you should..

                        It has nothing to do with the service.

                        I don't recall such a conversation - I'm specifically talking about push notifications - I was unaware that third parties were able to register for and receive push notifications like Google and MS (and frankly Apple) provide their MFA apps.

                        travisdh1T 1 Reply Last reply Reply Quote 0
                        • travisdh1T
                          travisdh1 @Dashrender
                          last edited by

                          @Dashrender said in Apple 2FA:

                          @JaredBusch said in Apple 2FA:

                          @black3dynamite said in Apple 2FA:

                          Allow approval from notifications. But it's disabled if you enable Authy protection PIN.

                          @Dashrender read the entire fucking line....

                          The app supports it unless you proctect it in the first place. which you should..

                          It has nothing to do with the service.

                          I don't recall such a conversation - I'm specifically talking about push notifications - I was unaware that third parties were able to register for and receive push notifications like Google and MS (and frankly Apple) provide their MFA apps.

                          This is a whole other topic again.

                          When do you think apps stopped being able to do push notifications? That's all it is.

                          DashrenderD 1 Reply Last reply Reply Quote 0
                          • stacksofplatesS
                            stacksofplates
                            last edited by stacksofplates

                            I do a few different things. I use FreeOTP and Yubikeys to store legacy TOTP codes. I also use Yubikeys for u2f as well. If the service has a 2fa push option like Zoho does, then I'll also sign up for that. This way I cover my bases if I happen to lose something.

                            Plus you also have recovery codes for that as well.

                            1 Reply Last reply Reply Quote 1
                            • DashrenderD
                              Dashrender @travisdh1
                              last edited by Dashrender

                              @travisdh1 said in Apple 2FA:

                              @Dashrender said in Apple 2FA:

                              @JaredBusch said in Apple 2FA:

                              @black3dynamite said in Apple 2FA:

                              Allow approval from notifications. But it's disabled if you enable Authy protection PIN.

                              @Dashrender read the entire fucking line....

                              The app supports it unless you proctect it in the first place. which you should..

                              It has nothing to do with the service.

                              I don't recall such a conversation - I'm specifically talking about push notifications - I was unaware that third parties were able to register for and receive push notifications like Google and MS (and frankly Apple) provide their MFA apps.

                              This is a whole other topic again.

                              When do you think apps stopped being able to do push notifications? That's all it is.

                              huh? The MS authenticator registers itself for push notifications from MS, GA does from Google - are you saying you can do that with Authy for google and microsoft services?

                              I completely understand that I can add TOTP to Authy for MS and Google, but I quoted and am specifically asking about push notifications from those via Authy.

                              My google foo is finding nothing but people bitching about how authy does NOT support push, but does support TOTP.

                              Now all that said - I see that Authy has created One Touch - and that One Touch as an API that allows push notifications, but I can't find anywhere that says that Google/MS have enabled that feature.

                              1 Reply Last reply Reply Quote 0
                              • 1
                              • 2
                              • 2 / 2
                              • First post
                                Last post