Not long ago, Authy was made aware of some very informed blog posts and tweets on topics like identity, two-factor authentication, cybersecurity,content security, and on-prem, cloud, & hybrid infrastructures. What caught our eye is that the tweets were always so helpful, often going much further than typical 2FA and security recommendations you see on Twitter.
Turns out that the author of those tweets is blogger Pablo Alejandro Fain, an IT professional based out of Argentina who is also an avid Authy advocate. Pablo can be found alerting people about the benefits of our two-factor authentication service simply because he himself is a fan. We asked if he’d tell us more about his experiences with 2FA and he recently took time out of his workday to chat with us.
AUTHY: First off, what exactly is it that you do?
Scheduled - In order to increase the stability and scalability of our systems, we are making updates to our V3 Categories endpoints scheduled April 17th, 2021 from 11am to 12pm PT. During this time, customers may experience increased HTTP errors when retrieving, creating, updating, or deleting categories via V3 categories endpoints as well as the UI.
For the past eight years, I’ve been a Microsoft Certified Solutions Expert in Productivity, which means I work to help others work and collaborate more efficiently. I’m currently in the process of transforming my role to dedicate myself 100% to Information Security.
- Business Impact. General - you have a question about Twilio or how to use its products, Degraded - Twilio or your configuration is not functioning properly or intermittently, Critical Outage - Twilio or your configuration is experiencing a complete business outage.
- Finally, 1Password consistently flags my employer's auth website as possessing a 2FA option: 'You can save your two-factor authentication codes for this account in 1Password.' The ability to use software-based 2FA option exists for the consumer service; our employer requires hardware-based tokens, so this is actually incorrect.
And you’re based in Buenos Aires?
I mostly work remotely, but I also like to go to the Ernst & Young offices here in Buenos Aires office two or three times a week to meet with other people. My team is distributed worldwide, so it’s challenging to meet them in person, but I like to meet people from other teams, and see how I can help them with my knowledge, etc.
Working with a global team can make in-person networking a bit difficult.
It’s true, but I find that Reddit helps me exchange information and experiences with other people with my same interests. And Twitter is a great place to meet colleagues, and to help non-IT people get involved in the privacy and security fields. I truly believe it’s necessary for people to understand the importance of staying protected online.
So you’re kind of a cybersecurity evangelist!
I was always interested in the security field. Every time I talk to a person — no matter if they’re IT or non-IT — I try to see how they protect their online accounts, and what the industry can do better to help them stay secure.
Which poses the question “How do you stay secure, and how did you come across Authy?”
At the time I started with Google Authenticator, 2FA wasn’t mandated by anyone. In fact, only a few online services had 2FA capabilities. However, I recall that I had to switch between Android devices and lost every security token associated with my device. It was then that I started to investigate other options and came across Authy. With Authy, I’ve switched from Android to iOS, then between multiple iOS devices, and never lost a thing.
How long ago did you move from Google Authenticator to become an Authy user?
I’ve been using Authy for about six years now, ever since I discovered Google Auth couldn’t migrate my seeds from one device to another. I use the Authy iOS app in combination with my YubiKey devices. Whenever I associate my primary YubiKey to a service, my golden rule is to also associate a second key (which is kept safe at home) and also Authy.
So you take cybersecurity very seriously.
I do. And I keep track of the sites and services where each 2FA form is enabled through tags in 1Password. So far, I have 85 accounts protected by Authy 2FA. Here are some of the sites where I have Authy currently enabled:
Sendgrid 2fa 1password Code
1Password, Adobe, Amazon, Atlassian, Azure AD, Bitbucket, WordPress, Buffer, Cloudflare, Devolutions, Digital Ocean, Discord, DNS Made Easy, Dropbox, Enom, Evernote, Facebook, Gandi.net, GitHub, GoDaddy, Google Accounts, Hootsuite, Instagram, MailChimp, Mercado Libre, Microsoft Accounts, Namecheap, PayPal, Sendgrid, and WordPress.
That’s a pretty impressive 2FA list.
It’s huge, right? Oh, and LinkedIn, too, this is a new one! The list continues and, in addition to those I just mentioned, I have some cloud servers that I use for personal stuff (like hosting my blog, a Unifi cloud controller, and a VPN server) that I also protect with Authy using your API.
Can we ask what Authy security features are your favorite?
Sendgrid 2fa 1password Extension
Probably the most important is the combination of 2FA Backups and the Multi-Device feature for when I need to switch between and old and a new phone.
Any suggestions on how we can improve Authy two-factor authentication?
Sure. I’d like to be able to upload my own icons for the accounts that are not Authy-enabled, or for those that you don’t provide a custom logo. And personally, I’d like to see better support for the Apple Watch app, which I need to reinstall every time I add or remove an account.
We’ve got some feature improvements in the pipeline that I’m sure you’ll appreciate and your suggestions will certainly be passed to the Authy engineering team. Anything else?
If I can give readers three recommendations, those will be:
- Use a password manager.
- Secure your accounts with 2FA.
- Backup all your stuff.
Good advice. Thanks, Pablo!
| 10,000 emails /month | 125,000 emails /month | 700,000 emails /month | |
|---|---|---|---|
| Annual Savings | $59 /year | - | - |
| PostmarkIncludes great deliverability and support as standard | $10 /mo. | $100 /mo. | $400 /mo. |
| SendGridEssentials Plan | $14.95 /mo. | - | - |
| Pro Plan | - | $79.95 /mo. | $399.95 /mo. |
Do you offer a free trial?
Sendgrid 2fa 1password App
All new accounts start off on our free developer plan with 100 emails per month. Use it for however long you need, it doesn’t expire.
Do you offer dedicated IPs?
Dedicated IPs are available to high-volume senders. Read about our policy for issuing dedicated IPs.
What happens if I go over my plan’s monthly email limit?
Extra emails on our paid plans are calculated at the end of your billing cycle and included with your plan cost for the upcoming month.
What payment types do you accept?
We accept payments via Visa, MasterCard, American Express, Diners, and JCB. We do not accept PayPal or Purchase Orders.
Can I send bulk marketing email through Postmark?
Yes you can! To comply with industry best-practices and to maintain our high deliverability, it's important though that transactional and marketing emails never mix. That's why we created Message Streams, a parallel but completely separate sending infrastructures for your transactional and broadcast emails.
Do you offer high-volume plans?
Yes! Contact us to learn more about our high-volume pricing.