2factor authentication humblebundle.com
this time, I do have a working authy 2factor with my humblebundle.com account.
authy.com does some magic so it changes my phone number with the origin server and the account pops up magically in the authy app.
As known as - There is no barcode to scan.
How do I get the authy 2factor into my 1password?
Comments
-
Hi @mo hataj,
After creating an account at Humble Bundle it would seem we're not compatible with their 2FA. As you've found, they've tied themselves to Authy very tightly and aren't offering the possibility of manually entering the secret like you would with Dropbox or Google Accounts. My research did come across this post on another site titled How to extract your TOTP secrets from Authy, the key bit being:
Of note: CloudFlare doesn’t show a QR code in my screenshot above because it uses “Authy two-factor authentication”, which is not compatible with Google Authenticator. There’s just no point in exporting those out of Authy, since they are not usable anywhere else…
There are a number of 2FA approaches out there so it seems you're stuck with either Authy or an SMS for 2FA on Humble Bundle. Sorry it isn't better news but it would be up to the site in question to support Google Authenticator styled TOTP for us to be compatible.
0 -
OK, thanks for your help.
There is a way to have authy support send you the secret URL but they don't like it.
Further, I don't like them not telling what part of my secret rests on their servers and if they can use it without my knowledge.
Google Authenticator and 1Password are clear - there is the secret, this is the URL to the secret and access to the secret is in your mind and not on our servers.0 -
Like yourself @mo hataj, I like TOTP because the whole thing works with everything being visible to the user. You can see your secret, you can understand how it works and what it solves. You can then choose any TOTP compatible app and copy the secret over if you want to use one or more. Authy's approach may be a good one, but I can't say as aspects of it don't seem to be well documented. Maybe people haven't asked them before - it's hard to say. I hope over time we move to a single standard for 2FA where appropriate :smile:
0
