Are you using Google Authenticator?
Prompted by my own WordPress blog which suggested I enable two-step authentication, I do. Do I feel more secure? Not really, and here’s why.
- Download and install the Android app: CHECK!
- Scan the WordPress QR code: CHECK!
- GA generates a code, enter it and validate: CHECK!
- Now GA generates another 8 “backup codes” and asks me to print them and store them in a safe place for use if my phone is stolen (like… where – VERY SAFE!)
- (since Google does not trust me to do what they say) Enter one of the backup codes and type the word “printed”: FAIL (I enter the first code and GA says “invalid code”!)
How feckin’ secure is this? Losers!!!