Borkii 0 Report post Posted January 7, 2017 First i want to thank the elysium devs for the amazing Authentication app its works perfectly. but my question is what if my phone gets stolen or something like that, is my account also gone or can i just do something to get it on my new phone? 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 You can get authentication software for your PC also. (Win10 has an app in the appstore). So what I would suggest doing is install this on your PC and when you set up 2FA on your account, use the code you get in the email (instead of barcode) and set it up on your phone AND your PC, this way you have a backup if your phone/PC crashes, stolen, etc.. This is what I have done. You could also get authentication software for other devices, maybe you have an old laptop, tablet, etc? Best of luck. 0 Share this post Link to post Share on other sites
Borkii 0 Report post Posted January 7, 2017 Thanks for the answer! :) i found 2 apps one is called 2 factor authentication and the other one is called authentication for windows. which one do you recommend? 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 I used the one called "2 factor authentication" but im sure ether of them will work fine 0 Share this post Link to post Share on other sites
EffToyz 12 Report post Posted January 7, 2017 When you adding your auth to your account, you can write down serial number and save somewhere in any book at your place. Nobody anyway reads books these days. 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 1 hour ago, EffToyz said: When you adding your auth to your account, you can write down serial number and save somewhere in any book at your place. Nobody anyway reads books these days. lol next thing youll be hearing of hackers breaking into peoples houses to get their Elysium 2FA CODE 0 Share this post Link to post Share on other sites
toniplavna 20 Report post Posted January 7, 2017 So is it working by email: you log in on web, got a code via e mail and enter it , or? 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 25 minutes ago, toniplavna said: So is it working by email: you log in on web, got a code via e mail and enter it , or? No app only 0 Share this post Link to post Share on other sites
Borkii 0 Report post Posted January 7, 2017 4 hours ago, EffToyz said: When you adding your auth to your account, you can write down serial number and save somewhere in any book at your place. Nobody anyway reads books these days. so if i just keep the code i got in my email i can just use it later on my for example new phone? 0 Share this post Link to post Share on other sites
NoGnomo 7 Report post Posted January 7, 2017 6 hours ago, EffToyz said: When you adding your auth to your account, you can write down serial number and save somewhere in any book at your place. Nobody anyway reads books these days. You cant write it, it changes every 30 secs.. I'm worried about this thing also Can any dev explain how can we recover account if we lose mobile? 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 Just now, NoGnomo said: You cant write it, it changes every 30 secs.. I'm worried about this thing also Can any dev explain how can we recover account if we lose mobile? No we are not talking about the actual authentication code.. We mean the code you receive via email along side the bar-code. See example here (http://oi67.tinypic.com/2u6dzl5.jpg) 0 Share this post Link to post Share on other sites
NoGnomo 7 Report post Posted January 7, 2017 17 minutes ago, genaside said: No we are not talking about the actual authentication code.. We mean the code you receive via email along side the bar-code. See example here (http://oi67.tinypic.com/2u6dzl5.jpg) Ok I understand, but that code will work forever? I thought it only works for the first 2Fa authenticaion (linking devices) 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 Yes that code is stored by the authentication app you use to create the code so it does not change 0 Share this post Link to post Share on other sites
EffToyz 12 Report post Posted January 7, 2017 6 minutes ago, NoGnomo said: Ok I understand, but that code will work forever? I thought it only works for the first 2Fa authenticaion (linking devices) No, I have same auth codes on my phone and tablet. I know, this is technically security flaw, but if I lose one of devices, I will replace 2FA everywhere this instant. And yes, serial code you can write down and enter anytime you want later on new device. 0 Share this post Link to post Share on other sites
NoGnomo 7 Report post Posted January 7, 2017 1 minute ago, EffToyz said: No, I have same auth codes on my phone and tablet. I know, this is technically security flaw, but if I lose one of devices, I will replace 2FA everywhere this instant. And yes, serial code you can write down and enter anytime you want later on new device. And this code is linked to one app? (for example "google authenticator") or u can use it in any of the many apps? 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 1 minute ago, NoGnomo said: And this code is linked to one app? (for example "google authenticator") or u can use it in any of the many apps? as many apps as you want 0 Share this post Link to post Share on other sites
EffToyz 12 Report post Posted January 7, 2017 6 minutes ago, NoGnomo said: And this code is linked to one app? (for example "google authenticator") or u can use it in any of the many apps? Generally how it works: you get big serial number and app generates 6 digit numbers every minute. This function also predictable, so knowing this serial number and current time you can always generate this number. This function as hash works only in one direction. Knowing time and 6 digit number (or even set of these numbers) you cannot reverse it and find out your serial number, that's why you want to keep it secretly in your app (and on a piece of paper in your deposit box in your bank). This is how you prove that you are you. Server asks for number, server can generate it as well, because it also knows your serial number. Technically it just adds 16 digit serial number to your password, you can have a really simple password now. But again this is not recommended, because with man-in-the-middle type attack you can trick user and turn off his 2FA. 0 Share this post Link to post Share on other sites
NoGnomo 7 Report post Posted January 7, 2017 Allright, seems fine, we should detele the email from Elysium in case a hacker gets our email, he cant see that Code. btw Im using "Authy", its app both for mobile and also windows (chrome app), it syncs all your 2FA devices, so in case u lose ur mobile, and also lose ur code (writen on paper), u can use ur PC to get 2fa link seems a good app, you can even use only PC and not mobile (i dunno why 2fa systems always "force" to use mobile, which i dont like) u can read about it here: http://lifehacker.com/authy-brings-two-factor-authentication-to-your-pc-no-n-1569284437 0 Share this post Link to post Share on other sites
NoGnomo 7 Report post Posted January 7, 2017 Wtf why I cant edit my post, I wanted to add this source for Authy: https://www.authy.com/blog/introducing-authy-for-your-personal-computer 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 Just use 2FA on your email account and hope that doesnt get hacked because then you got bigger problems, i wouldn't delete your Elysium email just in case. 0 Share this post Link to post Share on other sites
NoGnomo 7 Report post Posted January 7, 2017 (edited) 10 minutes ago, EffToyz said: Generally how it works: you get big serial number and app generates 6 digit numbers every minute. This function also predictable, so knowing this serial number and current time you can always generate this number. This function as hash works only in one direction. Knowing time and 6 digit number (or even set of these numbers) you cannot reverse it and find out your serial number, that's why you want to keep it secretly in your app (and on a piece of paper in your deposit box in your bank). This is how you prove that you are you. Server asks for number, server can generate it as well, because it also knows your serial number. Technically it just adds 16 digit serial number to your password, you can have a really simple password now. But again this is not recommended, because with man-in-the-middle type attack you can trick user and turn off his 2FA. What do u mean by "time"? And also, if u get the "big serial number", why cant u just input it instead the 6-digit code? It seems like its the same thing to me. If one person gets that code, he can get the 6-digs every time. Edited January 7, 2017 by NoGnomo 0 Share this post Link to post Share on other sites
NoGnomo 7 Report post Posted January 7, 2017 1 minute ago, genaside said: Just use 2FA on your email account and hope that doesnt get hacked because then you got bigger problems, i wouldn't delete your Elysium email just in case. Well if you write down the code you dont need to have the email from elysium. Ofc if u lose the paper with the code its a problem 0 Share this post Link to post Share on other sites
EffToyz 12 Report post Posted January 7, 2017 1 minute ago, NoGnomo said: What do u mean by "time"? And also, if get the "big serial number", why cant u just input it instead the 6-digit code? It seems like its the same thing to me. If one person gets that code, he can get the 6-digs every time. Time is the time on your clock when you trying to login. Every minute you get new number. The beauty of 6-digit code is that you can openly use it, keylogging this code doesn't help to restore your serial number. 0 Share this post Link to post Share on other sites
genaside 0 Report post Posted January 7, 2017 I just made this guide... Hopefully it will help out others in the future. 0 Share this post Link to post Share on other sites
