8

My phone suddenly is stuck in a reboot loop.
all solutions did not work (Safemode, Recoverymode etc)

It was time for a new phone.

well... most of my logins have now 2 factor authentication. That got me thinking:

imagine that you lost all your trusted devices in a house fire.
you cannot get in your email because of you need to verify.
you cannot buy stuff online because your phone gets a message.
and in certain cases you cannot even get in your password manager of the same reason.

I know that there are recovery codes and other solutions to this.. oh boy you are F*cked when you don't have your phone.

Everything turned out okay, Sim Card in different phone for messages. And new phone works like a charm :)

Comments
  • 1
    That is exactly the reason why I don't get my note 9 to service for camera repair. They will factory reset my phone and I have all kinds of 2FA's enabled. That means that I'll lose my accounts and will have to go thru the annoying process of recovering.

    Overall, yes, if you lose your 2FA device - you are fucked.
  • 1
    Next time, throw it in the wall
  • 5
    @potata Use andOTP instead of Google Authenticator. It backups encrypted TOTPs in the cloud. If you're rooted, you can even migrate your TOTPs from Authenticator. And it's made by @flocke
  • 0
    @gronostaj Thanks for the suggestion. Tho, that's not the only authenticator I have :(
  • 0
    Typically most sites give you a backup secret code when setting up 2FA - make sure to back that up somewhere.
    I use Keepass2 as a password manager, so I just add an extra field with that code in it, and my encrypted database is backed up in multiple places (including online).
    That way, if I lose access to my phone, I can still recover the 2FA auths by simply creating them again from the secret code
  • 0
    Telecom company can issue you a new sim with the same phone number if you are not a prepaid customer. Well at least in my country :)
  • 0
    Which is why I backup my 2FA. Always.
  • 0
  • 0
    How did you get your iPhone stuck in a bootloop? Did you install some buggy package?
  • 1
    If you didn't know it, most of the "vendor specific" authenticators (battle.net / Blizzard, Symantec VIP Access (Paypal), I guess even Steam) use TOTP under the hood and can be "faked" with other apps (e.g. andOTP).
    I do it for the battle.net as the official app lost its configuration multiple times, and I'm considering it for Paypal, too.
  • 0
    I use Authy for 2fa, which is backed up using a password and logged in on an old phone for emergency reasons. Other 2fa is on my Ledger, which I generally have on me
  • 1
    @netikras in germoney they even do that for prepaid customer, at least my isp does it, needed a new nano sim for new phone cause former SIM card was like 10 years old, issued with a minor fee in 3 days.
  • 0
    @sbiewald i am so super scared for my blizzard account, back in 2011 i created my account under a false name and blizzard is super adamant of never ever changing your name if not for 3 reasons:

    inheritance, marriage or legal name change

    even if you provide every single cd key you registered and everything. its annoying.
  • 0
    @BurnoutDV They will not know. Steps are:
    1. Setup the official app.
    2. Write the secret key down (somewhere in the settings)
    3. Convert key to a format readable by andOTP, Authy, G authenticator...
    4. Enter in 2FA app and test login.
    5. Uninstall Blizzard's original one.

    Only caveat: Your 2FA app must support 8 digit OTPs.
Add Comment