Two factor authentication (2FA) app (urged by WISE)

[KhunBENQ]

Since I while I was bothered by the WISE app about installing an "authenticator".

Another mythical number generating app connected to other apps.

Google again seems to flood the place with its Authenticator app?

After some research I decided against and setup "Authy" from a company named "Twilio".

Account "hard wired" to my Thai phone number it seems.

Never heard these names before and now hope the the next WISE transfer will go smooth.

 

Anyone has own experience with such apps?

How does it add to security? I have not quite understood the extra benefit.

Edited January 5 by KhunBENQ

[Jan Dietz]

You can use any auth app, it doesn't need to communicate with anything after setup. The extra security benefit it the 'something you have' part of authentication.

 

The key stays on your phone and together with the current time it comes up with a predictable number the server can verify.

 

Recording a bunch of numbers doesn't help you deduct the key, so you will need to hold the actual device (unlocked) in order to identify yourself. It's a nice extra layer of protection beyond just a password which regularly gets stolen :)

 

There are three common factors used for authentication:

• Something you know (such as a password)
• Something you have (such as a smart card)
• Something you are (such as a fingerprint or other biometric method)

[Moonlover]

You'll find all you need to know about authenticators on this web site: All about authenticators

 

I use the Google authenticator for Wise and for the UK Government Gateway to access my tax account. If they trust them, so do I.

[scubascuba3]

I just started using Google Authenticator for Wise, added security makes sense 

[scottiejohn]

If you install this "App" on your phone what happens if your phone goes dead and you try and use the Wise website on your computer instead?

I currently use both without the App.

Edited January 5 by scottiejohn

[Sigma6]

2 minutes ago, scottiejohn said:

If you use this "App" on your phone what happens if your phone is dead and you try and use the Wise website on your computer?

 

Charge your phone?

[BenStark]

I use 2FA with Wise through WhatsApp, which I can check on my phone or the web based WhatsApp

[scottiejohn]

1 minute ago, Sigma6 said:

 

Charge your phone?

What a crass comment!

I will rephrase the question for people like you!

Will people still be able to access their wise account without a working/stolen/lost phone! (charged or not!)

[Sigma6]

3 minutes ago, scottiejohn said:

What a crass comment!

I will rephrase the question for people like you!

Will people still be able to access their wise account without a working/stolen/lost phone! (charged or not!)

 

Sorry, i wasnt meaning to be crass, but its pretty rare that my phone is dead its even rarer that my phone is dead and I intend to make a transfer, so to me its a moot point.  
However with google authenticator you can install on multiple devices, or even on PC as a backup 

[scottiejohn]

50 minutes ago, Sigma6 said:

 

Sorry, i wasnt meaning to be crass, but its pretty rare that my phone is dead its even rarer that my phone is dead and I intend to make a transfer, so to me its a moot point.  
However with google authenticator you can install on multiple devices, or even on PC as a backup 

Do you need the phone to be available to use wise on your PC?

If no phone will the PC/website system still work?

[BenStark]

15 minutes ago, scottiejohn said:

Do you need the phone to be available to use wise on your PC?

If no phone will the PC/website system still work?

 

Take a look at my post above.

 

With Wise you have the option to select WhatsApp as verification. WhatsApp is available as an app for windows 10 and above, and web based for previous Windows versions.

 

So even without a phone you will be able to check the code wherever you are in the world

[KhunBENQ]

9 hours ago, BenStark said:

So even without a phone you will be able to check the code wherever you are in the world

That's really interesting.

I am always concerned about the possible loss of the phone. What a hassle to get back to normal.

[bamnutsak]

A lot of financial services companies offer 2FA via their mobile app. (Chase and Fidelity are two that I use often.)

 

I think WISE offers this as one easy 2FA option.

 

 

We use 2-step verification when we need to confirm it's really you.

The 2 steps are:
Enter your password

Confirm that it’s you through the Wise app on a trusted device, or enter a code you receive by text message, phone call or from your authenticator app

 

 

2-step verification methods

There are 3 ways to complete 2-step verification:

 

receive a code by text message or phone call

receive a notification in the Wise app on a trusted device

enter a code from a separate authenticator app

 

 

https://wise.com/help/articles/2960083/what-is-step-verification

 

 

Edited January 6 by bamnutsak

[BenStark]

2 hours ago, KhunBENQ said:

That's really interesting.

I am always concerned about the possible loss of the phone. What a hassle to get back to normal.

 

Not only that, but also when you are abroad.

 

While I have the Wise app on my phone, I always prefer to use the web version, as I also do with other online platforms, because of bigger screen.

 

My previous verification method was set as text message to my Thai phone number.

 

When I went to Europe recently, that would mean I had to keep Thai SIM in my phone with roaming enabled. This may not be convenient for some, unless your phone is dual SIM enabled.

 

This way I would receive the verification code in the WhatsApp app on my phone with a foreign SIM inserted, or on the tablet which I carried with me, and which I was using to connect to Wise

Edited January 6 by BenStark

[scubascuba3]

2 hours ago, KhunBENQ said:

That's really interesting.

I am always concerned about the possible loss of the phone. What a hassle to get back to normal.

I've just installed Wise and authenticator on my tablet that never leaves the home so if i lose my phone when out it won't be an issue

[Moonlover]

14 hours ago, scottiejohn said:

Do you need the phone to be available to use wise on your PC?

If no phone will the PC/website system still work?

No you shouldn't need to have your phone, providing you use your regular computer. Wise, as with most banking institutes place a cookie on your computer once they're satisfied that it really is you that's logged on. During  future log ins that cookie acts as a 'digital fingerprint' and provides, along with your log on details, the necessary 2FA. 

 

If you watch the Wise web site as you log on, it comes up with 'authentication in process'. That's Wise seeking out the cookie.

 

Edited January 6 by Moonlover

[Gaccha]

Make sure you understand how the backup of the authenticator works.

 

If your phone goes missing, once you've set up a new phone and are setting up the authenticator app again, you'll need to be ready with that backup reset system. It might be a password or an access e-mail account.

 

It will be very strict and everything depends on you getting it right. There is no recovery to that backup. It is the very last line of defence.

[scottiejohn]

33 minutes ago, Gaccha said:

Make sure you understand how the backup of the authenticator works.

 

If your phone goes missing, once you've set up a new phone and are setting up the authenticator app again, you'll need to be ready with that backup reset system. It might be a password or an access e-mail account.

 

It will be very strict and everything depends on you getting it right. There is no recovery to that backup. It is the very last line of defence.

That is what worries me!

Do you have to sign up to it?

[Gaccha]

17 hours ago, scottiejohn said:

Do you have to sign up to it

 

You'll increasingly need to use 2FA for lots of things. There is no escape. I use it for 6 or 7. I use one. And have made sure that I always can recover. 

 

I am being vague because not making public this kind of info is part of a personal security setup.

[MJCM]

On 1/6/2024 at 6:53 AM, KhunBENQ said:

That's really interesting.

I am always concerned about the possible loss of the phone. What a hassle to get back to normal.

 

If you use Google Authenticator with a Google Account then it's as simple as installing Google Authenticator on your new phone and login with the Google Account and voila your (old) 2FA codes appear in the APP automatically.

 

Also you can Choose to backup the Codes to your PC.

 

• Quote

   

  • As of April 2023, Google Authenticator automatically backs up your one-time codes to your Google account.
  • As long as you've updated Google Authenticator and it's connected to your Google account, you can restore Authenticator from the cloud.
  • If you aren't backing up Authenticator, you can manually transfer your accounts to a new device or restore using your QR code.

   

   

https://www.wikihow.com/Restore-Google-Authenticator