Authy User: Security In Bengaluru
Hailing from Silicon Valley in California, we sometimes forget that there are “silicon valley” type pockets all over the world. And there are Authy users in every pocket. Manoj Memana Jayakumarj, a software engineer, is one of those who we got to know recently.
AUTHY: Hi Manoj. Thanks for taking the time to chat with us.
Manoj: A pleasure.
First off, where in the world are you and what do you do?
I live in Bengaluru, the Silicon Valley of India. I’m a software engineer, more specifically a backend developer working on Ruby On Rails with a keen interest in Cloud, especially AWS.
Have to admit that we only recently learned that Bangalore changed its name to Bengaluru a few years ago. And yes, it is a very high-tech city.
It is. There are a lot of opportunities here. After working at Freshdesk for just under two years, I began working as a software engineer for Flock Software for just over six months ago. At Flock, I’m responsible for the entire cloud infrastructure. We’re an all-in AWS customer and make heavy use of AWS services. I also work on the backend side of things here, mostly with Ruby On Rails and PostgreSQL.
And when not working?
I’m an avid reader and a huge fan of Pocket! I spend most of my downtime going through news articles I have saved there and even wrote a blog post about how it changed my life. If I were to give you a list of top websites I read from, it would be HackerNews, Medium, Quora, and Reddit.
We recently checked and were surprised that Pocket hasn’t yet offered it’s users any 2FA security. Are you afraid you could be vulnerable there?
Luckily, I’ve never been hacked. The concept of two-factor authentication was pretty new to me when my previous employer had asked everyone in the company to enable 2FA for our official email accounts, and for Github. After that, I always made it a point to secure even my personal accounts using 2FA wherever I can.
Was Authy your first choice? Or did you try another 2FA first?
No, I used Google Authenticator first. Probably because Google itself advises to use it while you set up 2FA for your Google accounts.
So how’d you discover Authy?
This is a funny story. So, one of my colleagues lost her phone, and she was using Google Authenticator for her Github account. She had not saved her recovery codes anywhere. Essentially this meant she was locked out of Github with no way of getting back in. Finally, she had to set up a new Github account. That is when it hit me: What if I lost my phone, too? So I Googled other providers and finally settled on Authy. I have not looked back since.
How long ago was that?
I have been using Authy soft tokens for about 2.5 years now and I currently have nine accounts secured.
Glad you’re happy with the service. Can we ask what features are your favorite?
The best thing about Authy is that it is multi-device. I can use it on my phone or my browser. So even if I lost my phone, I am not locked of out my accounts. I also like it that I can just copy/paste the codes from within the browser, without even have to take my phone out. In fact, in my current organization, when we started implementing 2FA for our AWS and Google accounts, I advised everyone to use Authy instead of Google Authenticator.
Any suggestions on how we can improve Authy?
Sure. In a perfect world, it would be awesome if Authy could figure out which webpage I’m currently in and then automatically paste in the corresponding token. Or if I am visiting a site that offers two-factor security, but I haven’t enabled it for that site, it would be great if Authy could notify me to do so. That might increase adoption of the service.
There are some new improvements coming that I’m sure you’ll appreciate, and I’ll be sure to pass your suggestions over to the engineering team. Anything else?
You guys have made a kickass product. Keep up the good work!