Instead of securing your account with only a password, you have to enter a password and a secret code… But where to get this code?
The simple way is via an SMS to your phone, which means you also must provide your cell phone number to various sites.
Smartphones also have authentication apps, but the problem is that you must still have your smartphone on and connected to the cell network in order to log in to a simple web site!
That’s not very convenient…
Why you care
You may be thinking that you just won’t use 2FA, but think again. Until now, the security feature has been optional on most sites.
But PayPal recently notified me that accounts will require 2FA in the near future. Google is also starting to ‘encourage’ users to use 2FA if they use YouTube, Analytics, or many other Google services.
In short, you won’t have a choice soon.
And if you’re like me and you get absolute crap reception on your phone inside your house, then even a simple SMS-with-code to log in to web sites just isn’t going to work.
Besides, why should I have my phone on when I’m sitting at my puter?
What to do?!
Behold: Authy for Desktop
Authy is an authenticator app for doing 2FA. It’s available for smartphones, tablets, and also desktop OSes – Windows, Mac, and linux.
I use the desktop Windows version, and it works quite well.
The idea is that you download Authy, install it, and just fire it up anytime you need a secret 2FA code to log in to some web site.
Note that when you install Authy, it usually asks you to verify your account by sending an SMS to your phone – just once.
After that, you don’t need cell service ever again, and you certainly don’t need to have a smartphone!
How it works
First, run Authy:
You’ll see this screen:
You just paste that code into the box, and click Add Account. You do NOT need to save this ‘setup code’ anywhere.
On the next screen, you can give the site a name, like “PayPal” or “Gmail” or whatever you want.
Note that Authy can be used with all kinds of sites, including Google. You don’t have to use the Google Authenticator app if you don’t want to!
You can click here to see instructions on how to setup Authy with various sites and services, including PayPal, Google/Gmail, Amazon, Dropbox, and more.
Finally, when you want to log in to the site you just added, you click the site’s name from the main screen of Authy. You’ll see this:
TA-DA! You just verified your login with 2FA – no smartphone required.
Note that the code changes constantly, so don’t dawdle when you copy/paste it into your web site. Codes are time-sensitive for increased security.
For even more security…
It’s a good idea to set a Master Password for Authy. You just click Settings and then Enable:
Of course, if you want even MORE security, you could use a hardware key like Google’s Titan Security Key.
Hardware security keys are even more secure, but not free and a bit harder to use.
But at least now you can have 2FA even if you haven’t joined the Smartphone Revolution…
And you won’t go mad when your SMS secret code arrives 10 minutes after you were trying to log in to PayPal!