How to do 2FA on Multiple Devices Using Various Authenticator Apps?

Hi,

We use the app on multiple devices and users (both IOs and Android) and use multiple authenticator apps (mostly Microsoft but also Google and Authy). Some devices are at different locations so simultaneous authenticator app setup using the key is not possible.

How to do the 2FA in this case? To me it looks like the 2FA setup code changes with time so it can’t be shared & reused. And Wyze website is not set for getting 2FA QR code (why???).

Wyze does give a “secret code” that can be used to login; but in reality this is just another password and completely defeats the purpose of 2FA.

The only way I “think” should work is installing Google authenticator, then exporting the new key as QR from there. Kind of cumbersome and I am an MS app user myself.

Any suggestions?

BR,

MotoJ

That’s what I do to share it to my wife, and have it on my laptop, and my other secondary phones.

An alternative is to use email to get the 2FA code and then have it forward that to any other email account that may need a copy (spouse, or other family members).

If you use Android, you can do the same thing with text message 2FA. Basically just use a notification watching app like Tasker, Macrodroid or Buzzkill and when a 2FA code from Wyze comes in, have it automatically send a text with that same message to whomever also needs a copy of it.

Thank you for reply.

Hmmm, how would I do that? Not sure I’ve seen a way.

As you may have noticed I am more or less the “unofficial IT support” for our group. I am firmly in the MS Authenticator camp, and exporting a single code/key from there is not possible. May have to install Google authenticator and just delete afterwards.

BR,

MotoJ

Yeah, that drives me nuts about MS Authenticator (I use both, and MS annoys me that I can’t share/export the 2FA code). Makes me paranoid not to have a backup device with the authentication codes on them. What happens if I lose my phone? Now I lose EVERYTHING?!?! :scream:

In the Wyze app, go to the account tab then the Account section, then Two-factor Authentication Then turn on the Email option.

Then have a 2FA code sent by email, see what address it comes from and what unique wording/phrases it uses in the 2FA message and set up a filter that says if an email comes from that address with those words, forward that email to any other emails you want to have it (while keeping a copy in your account too of course).

I’ll throw another app into the mix, just 'cause: Sophos Intercept X for Mobile. It’s an app that I’ve been using for a while (on Android, though there’s also an iOS version) for a number of reasons, and I like that it includes both an authenticator and a password safe (using KeePass’s database format). Just recently (after reading one of @carverofchoice’s posts in another topic) I decided to figure out if I could copy my tokens to another device, and it turns out that I can: I’m able to create a backup of my authenticator settings that gets exported to a password-protected file that I can then transfer to another device and import into the app on that device. Now when I have the authenticator open on on both phones side by side, I can see all the token codes change all together on both devices and feel confident that I have a working backup of my tokens.

1 Like

My head hurts.

1 Like

You can install Authy on multiple devices and it then copies all the information between them. I have it installed on my iPhone and iPad and it replicates perfectly and stays synchronized.

1 Like

Is Authy “safer” than Google free 2FA app?

I don’t trust Google when it comes to user information.
They scan see stuff in your Google Photo and your Google Drive. Which should be private.

Who knows if they could access your 2FA!?

1 Like

You can take a screenshot of the QR code and scan it on another device (requires two devices or a printer normally).

Keep in mind that screenshot lets anyone with access to it generate MFA codes for your account forever (unless you reset it).

FYI you can tell Google authenticator to only store locally and not have a cloud backup. I highly recommend this with the Google authenticator. Hackers have been trying to target people’s Google accounts specifically so they can access their cloud backed authenticator often their password manager and then have fill access to all their financials (specifically targeting known crypto users as a priority). So I would definitely disable cloud backup on the authenticator, just back up the codes locally either with a QR code you print out and lock up somewhere or store them on a second device somewhere. Not the cloud… Go disable that, then Google authenticator is actually pretty good IMO.

1 Like

I use 2FA Authenticator by 2FAS.Com
Available on apple and android.

You can turn sync off so it only stores locally then export and import to the app on another device.

1 Like

I use 2FA Authenticator by 2FAS.com

I wouldn’t use Authy as it uses sms so it’s susceptible to sim swapping which defeats the purpose of having an Authenticator app.

You might as well just use sms in the Wyze app if you’re going to use Authy.

I don’t think so…it generates a local code on screen.

Correct. You want to set a password and disable adding new devices, but it only uses SMS for account creation and identification.

There are definitely risks and tradeoffs to using authy, but saying it is as vulnerable to SIM swapping attacks as SMS 2FA is simply incorrect.

2 Likes

I stand corrected.
Although why do they even use sms for anything when it’s not secure.

Seems ridiculous to me when the point is to make things more secure.

Also is there a way to stop Wyze requiring the device to be re trusted every 30 days.

If the password is secure and not used for anything else and 2FA adds to that security, having to sign in every 30 days is unnecessary and adds nothing to the security.

Plus I would never trust my cameras to be on when I’m in the house anyway since I don’t know where Wyze sends the feed to be processed for person detection

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.