Since last year many foreign web platforms have forced their users to turn on theMFA, such as a Microsoft account, a Github account, an Oracle Cloud account, and so on.
Just last month Tencent Cloud made an official announcement that on 11/20/24 it would gradually force registered users to open theMFA Multi-Factor Accreditation. This may lead to a wave of openings in the country.
Both 2FA (Two-Factor Authentication) and MFA (Multi-Factor Authentication) are methods to improve the security of user authentication.
They differ mainly in the number of authentication factors and the flexibility of combinations.2FA is a specific type of two-factor authentication, a subset of MFA.
Multi-factor authentication is mandatorily opened and the first problem encountered is what to useMFAThe app is reliable? That’s the purpose of this article!
More related content:collection control
A friend’s Github account was barely recovered not long ago!
Last year Github forced user bindingsMFAI’ve got this friend of mine who got a random one off the internet.MFAThe software, following the procedure guide quickly completes the binding.
Sometime this summer he got a new cell phone! Recycled the old phone! Realized after a month that I hadn’t backed up the 2FA info. And was bound for Github at the timeMFASave the recovery code by hand, it’s long gone and I can’t find it!
How many years of Github account to do? Email contact Github customer service, people also do not give the solution must be in accordance with the official rules! I finally found a development server with the account’s SSH token before I was able to recover!
My friend is not the first in this situation and certainly not the last!
internal (a country)
Tencent Authenticator
Usage: WeChat search for the small program [Tencent Identity Verifier], WeChat authorization to use.
Pros: stable service provided by large manufacturers, support for cloud backup, also search and install apps in the app market.
Disadvantages: Bound with micro-signal, once the micro-signal overturned then the authenticator also overturned. Doesn’t support exporting keys, can’t be used offline.
AliCloud Virtual MFA
Usage: Search and install [AliCloud] app in the app market, after launching the app you can see [Virtual MFA].
Advantages: stable service provided by large manufacturers, can log in to the AliCloud account, local backup, export, import, no network is also available
Cons: A bit heavy if using this app only for the purpose of using 2FA!
external (affairs)
Microsoft Authenticator
Usage: major domestic application market can be searched and installed, support Android/iOS
Advantages: Microsoft provided service, login to Microsoft account, support cloud backup, import and export (can’t export to other apps), support Android and iOS
Cons: Android and Apple versions can’tMutual cloud recovery, beware!!!
Google Authenticator
Usage: Google Play or App Store search and download, support Android/iOS
Advantages: the international giant Google to provide services, support for Google account login, and support for cloud backup
Cons: Due to unknown reasons the country can not log into the Google account, can only be used offline, so that once the application reset or change the device will be lost!
AuthyAuthenticator
Usage: App market or official website installation
Advantages: Android/iOS platforms are available and interoperable, smooth access in China
Cons: You can’t receive a verification code for domestic cell phone number registration? Blogger didn’t experience it
LastPass Authenticator
Usage: App market or official website installation
Advantages: PC/Android/iOS all platforms can be used and interoperability, smooth access to domestic
Cons: Free version is limited to 1 user, limited to one device type (PC or mobile)
expand one’s financial resources
Aegis Authenticator
Open source repository: https://ift.tt/puKyijT
A free, secure and open source Android 2FA app!
2FAuth
Open source repository: https://ift.tt/A2Iur5D
Docker Deployable WebApp with all the features! Totally own control!
https://ift.tt/xtoGDWs
Here’s an example of a Tencent Cloud account bound to MFA!
Method 1: Generate QR code as shown, use the tool to scan the code to add, you can generate the verification code, fill in the verification code to complete the binding!
Method 2: It is recommended to recognize the QR code to copy the key and save it, as long as you have this key you can generate the verification code anytime and anywhere. Don’t worry about losing it.
Above, click [Can’t scan? Use Text Key Binding] to get a string. You can also recognize the QR code to get the key.
Then visit: https://tool.azure.cc/ Paste the key in to generate the verification code.
Fill in the verification code to complete the binding~.
To make it easier to generate a CAPTCHA later, you can save the link: https://ift.tt/bwhOirJ (replace xx with your key)
This page is fully open source and does not collect information about you!
final conclusion
Currently bloggers mainly use Microsoft Authenticator.
There is no best only better for you!
Although it’s less secure to save the key, I personally recommend saving the key (pure advice, don’t be a jerk).
Like Github will provide a download recovery code when you bind 2FA, be sure to save it! Be sure to save it! Be sure to save it!
Kids who have other better software can offer to share it in the comment section!