A new iOS app for managing two-factor authentication keys called Lockdown launched this weekend with a set of unique features like the ability to sync your keys over iCloud with other devices (including an upcoming Mac counterpart). Accounts in the app will also be backed up along with your phone’s data so that you can restore the keys back to a new device, which isn’t possible with other two-factor apps.
Of course, while backing up the keys and syncing them with iCloud provide an increased level of convenience, it’s important to remember that those can also lead to a reduced level of security in some cases. It’s important to balance security with convenience when dealing with something like two-factor authentication, and thankfully Lockdown’s developer recognizes this. All data on the device or backed up to iCloud is encrypted whether it’s in transit or stored on the device or server.
Sites that use two-factor authentication typically also use backup codes for logging into your account in case you lose access to your device. Lockdown offers the ability to store these backup codes right in the app. While that’s an excellent convenience feature, it does somewhat defeat the purpose of the codes. If you’ve stored them only in Lockdown and then lose your phone, you won’t have access to those codes, and thus won’t be able to log into your account. So while this is a handy feature, it’s critical that you store these codes in a secondary location that isn’t on your phone as well.
The developer has told 9to5Mac that an update has been submitted to Apple which includes new features such as support for using Touch ID to protect the application. A Safari extension is planned for a later release to make logging into sites through the phone’s built-in browser even easier.
You can grab Lockdown on the iOS App Store for $3.99.
FTC: We use income earning auto affiliate links. More.
Another great alternative to Google Authenticator: Authy (free)
The name of the app should perhaps be KeysEverywhere. ;-)
why pay if you can use Google Authenticator which is completely free!!!!!!!!!!!
Because “Accounts in the app will also be backed up along with your phone’s data so that you can restore the keys back to a new device, which isn’t possible with other two-factor apps.”
Though to me that sort-of defeats the point of multi factor auth.
Authy has cloud backup, and it’s free
2 is larger than 1 on paper, but two weak boys in the real world may well be far weaker than a toughened guy. Physical tokens and phones are easily lost, stolen and abused. Then the password would be the last resort. It should be strongly emphasized that a truly reliable 2-factor solution requires the use of the most reliable password.