Authy (YC W12, [1]) is a nice replacement for the GA app. Besides being more stable, it has also the "benefit" of allowing you to back up your keys, and recover in the case of a lost phone or deleted app.
Thankfully, backing up is entirely optional, and turned off by default. While they claim backups are encrypted with PBKDF2 [3], I still would never ever use something that sends my tokens to a remote server, as it'd defeat the purpose of 2FA in the first place.
Still, I can see the use for casual users that care enough to have 2FA, but not that much to worry about tokens being stolen and decrypted from Authy..
Authy wants to 'make data available to nearby bluetooth devices' and – even if you don't allow for it – asks for Bluetooth to be turned on. What's the reason for this requests?
I'd appreciate an application directly in the app. In doubt, I simply deny such requests.
Authy is first and foremost its own 2FA system based around ownership of a phone number. Where most phone based 2FA systems just send you a SMS message with a code you need to enter, Authy installs an app on the phone in question that fingerprints the phone. The fact that you can also use Authy to store other 2FA codes as well is just viewed as a bonus feature by Authy.
You had me until "backups are encrypted with PBKDF2". PBKDF2 is not encryption, it is a Key Derivation Function (it says so right in the name - KDF). Given that one of the developers is claiming that they are "encrypting" using PBKDF2 (which is in the same category as claiming that they are encrypting using MD5!), dissuades me from ever using it or recommending it.
You're perfectly right. PBKDF2 (Password-based Key Derivation Function 2) takes your password as an input, derives a key from it and outputs that. This key is then fed into an encryption algorithm like AES in order to actually encrypt anything.
Sure, in the same way that MD5 is (although you'd want to use PBKDF2 instead of MD5). But you can't actually encrypt with PBKDF2 itself, much like you can't with MD5
> 2. AES is used in CBC mode with a different IV for each account.
Depending on the actual implementation (if everything is just one encrypted blob or if individual records are encrypted separately) using the same IV for all data in one account can be pretty bad.
Nice idea, but I hated the workflow of setting up an account - first I have to type in a phone number manually twice, which is easily readable from Android. I also missed an explanation why I needed to set up an encryption token rightaway (I get what the point is, I'd just much rather try using the app first without having to set up all kinds of passwords and credentials first).
Thankfully, backing up is entirely optional, and turned off by default. While they claim backups are encrypted with PBKDF2 [3], I still would never ever use something that sends my tokens to a remote server, as it'd defeat the purpose of 2FA in the first place.
Still, I can see the use for casual users that care enough to have 2FA, but not that much to worry about tokens being stolen and decrypted from Authy..
Past discussions on HN here [2], [3], [4].
[1] https://www.authy.com/thefuture [2] https://news.ycombinator.com/item?id=6133648 [3] https://news.ycombinator.com/item?id=4916983 [4] https://news.ycombinator.com/item?id=4330050