I am confused! I downloaded the recommended app AUTHY to my cell phone. I then started to enable 2FA on QRZ.com and the only choice was GOOGLE authenticator? Do I need both apps? When do I use AUTHY?
Fred, I certainly can't say I've never fat-fingered the code, but I can blame my cell carrier for how long it takes the texts to come through - sometimes it's a lot more than 30 seconds from when I request the code until it arrives. I just keep trying until it works Thanks for running a first-class site. 73, Jim
Using email to deliver codes would break things. An email has far less security than a text message and has way too many security holes. Not only that but the fundamental paradigm of Two-Factor Authentication says that you need something that we both share (your password) PLUS something that only YOU have (your code). If we send you the code then the paradigm is broken. Sending it by text is considered secure because it will only be delivered to a single phone number, one which we vetted when you setup your account. Check the video of how to setup the app on your computer: https://forums.qrz.com/index.php?th...-factor-authentication-w-o-cell-phone.661624/
Google Authenticator is a placeholder name. Just ignore the word Google and proceed with Authy 73 -fred
As most of us have smart phones next to our computing devices accessing QRZ.com (perhaps they're even one in the same), there's no legitimate reason not to turn on and use 2FA these days. It's commonsensical.
My bank (Bank of America) uses 10 minutes. Now I think that is a bit generous but 30 seconds is not long enough. Why not 2 minutes, say? Is there any downside to that? From a hackers standpoint, what's the difference? I really don't know. I have never had any issue getting SMS texts so maybe I've been lucky. I have several different locations I log in from so using my phone makes it very easy. I have a couple of credit cards that will text me with transaction information while I'm still standing at the check-out counter. I looked at the Authy app and it reminded me of the first time I read the LoTW instructions. LOL! ................Bob
this is not for the security of QRZ users, it is for QRZ.COM to claim no responsibility on fraudulent transactions! Slightly improving any person's security is a slight benefit.
As retired IT am I all for it. Now however I live out in the country. This is great for antenna's but not cell coverage. Having a smart phone is a waste of money here. My $13 flip phone lets my wife call me when I am in town or on the road but does not do texting. de NG0G