Migrating MFA and Google Voice

Google Authenticator

MFA is good for a variety of reasons, but I won’t get into that here.

When I was looking at competing apps in this space, Authy and Duo Security stood out.

One of Authy’s highlighted features is device sync. Sounds awesome, but I have a tin foil hat.

If I can add a device to my account, what prevents the baddies from adding their device? How much trust do I want to hold with one provider? How much faith do I have that they won’t get pwned?

I’ll take the hit on convenience when it comes to my MFA tokens.

Duo’s target market appears to be enterprises, which makes me think about potential app integrations [looking at you pam_duo!].

Their free tier is a perfect replacement for me. I did spend a lot of time deactivating/reactivating MFA on all of my accounts, but that was time well invested!

Not to say that Google Auth couldn’t do cool stuff like Duo, but the whole point of this project is to take steps away from them :)

Google Voice

I’ve been a GV user since 2011, and it’s actually my primary phone number. The Hangouts integration is great!

I have the Hangouts app on my phone, which “separates” the cellular number (provided by work) and my personal stuff.

Also, the Chrome plugin enabled me to SMS/call from my browser, back when I was using Chrome..

Because of the effort associated with telling everyone I have a new phone number, I’m going to keep this service, along with Hangouts on my phone.

Sticking to my guns with Firefox though!