I looked at Authy but don't like the way it syncs all your codes across devices. Handy yes, but very risky from a security point of view. And what's the point of your 2FA codes being generated on the same PC you're trying to login from? Duh...
Amazon account 'hacked'
- Thread starter Kiyoshi
- Start date
Soldato
I've been trying for ages to set up 2step Auth with Amazon and it will not send me or indeed anyone a text message with the codes in. All they keep telling me is to try again in 20 mins and I'm sick of explaining I've been trying for weeks. I think they have finally escalated the issue now though but who knows.
To add, i don't have an option to select voice either.
To add, i don't have an option to select voice either.
No need to sync anything. Only install it on your phone, which you have on you at all times and is securely locked with a passcode?
Didn't even realise they had desktop apps.
With an SMS someone can still get the code on your lock screen if they have your phone unless you've explicitly turned off preview. With authy/any authenticator app they need to have your physical phone and unlock it to access the code generated for that 30 second window.
The code doesn't need to be generated on the device your logging in on. You can get the code from your phone and type it into your desktop browser, just like you would with an SMS.
Last edited:
Soldato
Those who have problems with the SMS code, what mobile network are you on, and have you ported out recently? I had a similar issue with Twitter when I moved from three to Vodafone, I couldn't get codes for about 2 months.
I was having this issue at lunchtime trying to set up the 2SFA. Had a Google and it seems EE automatically blocks text messages from some third parties/premium numbers. You have to go through online chat to remove the block.
Fortunately I had the option to select a voice call, which did work. But may be worth checking with your mobile provider in case they have a system in place similar to EE's.
I have that problem with Google and Sky. Yet works fine with EE.
Sorry to derail slightly, but I just tried to turn on 2 factor auth as well. It let me set up my mobile, but then asks me to set up a second number, which I don't have, and wouldn't seem to let me complete the set up without it. Have I missed something? Did you have this issue?
Edit - seems you can't set up without two phones or using an additional app.
Last edited:
Soldato
Virgin (on EE carrier I believe) for about 4 years.
Thanks, i'll see what they say and if I get no where will look at using the auth app as per posts above.
Soldato
I tried both and other mobile numbers, nothing made it through.
Underboss
I had my account hacked, (im sure I posted on here about it)
not due to this list thing, account got hacked, they changed my email address and password
I had so much hassle with Amazon, my emails were being ignored, in the end i wrote on their facebook account for the world to see, then they finally contacted me, i got my account back, and the fraudsters tried to return everything, as there was £250 in a gift card sitting there
not due to this list thing, account got hacked, they changed my email address and password
I had so much hassle with Amazon, my emails were being ignored, in the end i wrote on their facebook account for the world to see, then they finally contacted me, i got my account back, and the fraudsters tried to return everything, as there was £250 in a gift card sitting there
Just to provide an update, Amazon contacted me yesterday (within 24 hours of me raising it) and restored my access. They sent me a copy/pasta e-mail, but had disabled the password to the account, reversed any changes made and cancelled any pending orders - I can't tell if there were any made. I was able to log in and select a new password, all is well again. Thanks for all the comments, cheers.
But have you set up 2FA?
I know all that. I use Google Auth on my phone for lots of accounts, never SMS. I was merely pointing out that Authy's big selling point (they mention cloud backups and sync'ing across devices a lot on their website) is actually bringing more risk into the equation
Soldato
Well I've finally managed to enable it but what a faff on. You need to enable it using an authenticator app then it allows you to select the voice call option when giving them a backup number. Only then was I able to get the code to validate the whole thing.
But have you set up 2FA?
No because I'm probably the last person in the country who hasn't ever bothered getting a mobile phone. I've set a new unique password which should do me fine
But have you set up 2FA?
I know all that. I use Google Auth on my phone for lots of accounts, never SMS. I was merely pointing out that Authy's big selling point (they mention cloud backups and sync'ing across devices a lot on their website) is actually bringing more risk into the equation
Ahh right, I never even realised it was a feature until you mentioned it. You're probably right though
You can usually set it to remember certain computers like your home desktop or laptop, so you only need it when on any other computer apart from those. ie. if a hacker gets your details and tries to login from Timbuktu or if you're on a public computer.
No, as multiple people have answered above. You can use an authenticator app like Google Authenticator or Authy to generate codes. This means you don't need phone signal, or need to wait for a text. It's much more reliable, hence why most platforms that have 2FA support authenticator apps over SMS.
And as said above, you can generally set to remember devices for 30 days so that you don't have to keep putting codes in on your own computer for example. If you (or a hacker) tried to login from a new device it will ask you for a code.