What 2FA app you recommend?

  • Leraje
    link
    fedilink
    English
    29
    edit-2
    1 year ago

    For Android, Aegis. You can get it it on Play, on one of the numerous *-Droid sources or straight from GitHub with Obtanium.

    Simple to use, open source, does encrypted exports which I regularly backup (along with Bitwarden and SimpleNotes exports) to one of these (Amazon link). It’s perfect for me.

      • vegyk0z6
        link
        fedilink
        81 year ago

        Moved to Raivo earlier this year and it’s great. Unfortunately it was just sold to a private company, so I’m looking for alternatives. From the replies here, might try 2FAs

  • Chemical Wonka
    link
    fedilink
    English
    121 year ago

    Undoubtedly Aegis for Android, because it has the easiest way to backup your codes. Excellent! And it is open source without internet connection.

    • KrisND
      link
      fedilink
      English
      21 year ago

      I was going to say it but didn’t want to be the only one. I do recommend and use it though.

  • @cheese_greater@lemmy.world
    link
    fedilink
    English
    9
    edit-2
    1 year ago

    I recommend KeePass and I encourage everyone to consider it given its platform-agnostic portable format. What happened to Raivo cannot happen to KeePass and its more of a universal solution as opposed to 1) Android: Aegis 2) iOS: Tofu or OTP etc.

    All of those are very good apps but the problem remains that they all have their own peculiar/specific format that doesn’t necessarily play nice with any other app. KeePass is a convention/format that doesn’t really vary between implementations.

    Edit: It also allows for choice in whether to keep it local or to safey sync in your choice of cloud service without exposing the contents unencrypted. If you don’t want to manage any of that, I would recommend Bitwarden and paying the $10 once and see if you’re still fine the next year without having to resubscribe if thats a problem for you.

    • @poring@lemm.ee
      link
      fedilink
      English
      31 year ago

      The problem here would be storing your passwords along with your 2fa. You’re basically giving away every information needed to enter your accounts in case someone get access to your vault.

      The best option would probably be using both KeePass and BitWarden. You store your passwords in one and your 2fa in the other.

  • @Harrison@infosec.pub
    link
    fedilink
    81 year ago

    Android is easy, Aegis.

    IOS is much harder. Right now, probably “2FAs”. Authy is owned by Twilio, Raivo was just bought out by an advertising company, and the others are either too small to get the exposure required for any level of security or charge for the feature.

    • westingham
      link
      fedilink
      41 year ago

      I’m out of the loop, why is Authy being owned by Twilio a bad thing?

      • @Harrison@infosec.pub
        link
        fedilink
        51 year ago

        It’s less that Twilio specifically owns it than problems resulting from corporate ownership. Briefly:

        1. You can’t get your data out of Authy. Actually you can, but it’s a long annoying process involving installing an out of date chrome extension and using developer tools.
        2. Privacy issues. Authy links a lot of data including location to your identity.
        3. Authy supports SMS account recovery (which is inherently insecure) and doesn’t allow users to disable it.
  • xyz
    link
    fedilink
    English
    61 year ago

    I’ve been using Aegis Authenticator for about two years now . It is free and open-source, and works as expected.

    • @JonEFive@midwest.social
      link
      fedilink
      English
      61 year ago

      Then what do you use for your password manager?

      I’ve always been of the mindset that storing your 2fa next to your passwords at least partially defeats the purpose of 2fa.

      The two types of attacks I worry about would be a hacked/leaked password from a third party site, or your password manager being compromised. While the latter is far less likely, it is still something I’d like to protect myself from as much as possible.

      • @TheButtonJustSpins@infosec.pub
        link
        fedilink
        English
        51 year ago

        If my password manager is compromised, I’m well and truly fucked. If one site has shitty security (odds of which are approximately 1), having 2FA might help.

        • @ExLisper@linux.community
          link
          fedilink
          English
          11 year ago

          This shouldn’t be the case. Using password manager shouldn’t mean you only have one password, it should mean you have less password to remember. I use password manager for all the insignificant pages/apps like lemmy, strava, netflix, spotify. If someone hacks them they can cancel my subscription and that’s about it. I don’t store password for my email, bank or amazon in my password manager.

      • zap_cat
        link
        fedilink
        11 year ago

        I’m using BW for both passwords and 2FA and have Yubikey set up for BitWarden.

  • walden
    link
    fedilink
    English
    41 year ago

    I’ve been happy with andOTP on Android.

    • I need NOS
      link
      fedilink
      English
      41 year ago

      It’s good. Just keep in mind that it hasn’t been updated in a while…

      • walden
        link
        fedilink
        English
        21 year ago

        I hadn’t even noticed. With all the mentions of Aegis it looks like I was behind the times. Aegis was able to import my andOTP entries so I’ll give it a try.