Comment on Google will now make passkeys the default for personal accounts
CletusVanDamme@lemmy.world 11 months agoAuthy on the phone while also using their desktop app. If you lose the phone you still have options.
Comment on Google will now make passkeys the default for personal accounts
CletusVanDamme@lemmy.world 11 months agoAuthy on the phone while also using their desktop app. If you lose the phone you still have options.
killeronthecorner@lemmy.world 11 months ago
Each to their own but cloud syncing and MFA are a bad mix in my eyes. It has a “who watches the watchmen” problem and is somewhat defeats the point of having a trusted factor when you have an untrusted one on “someone else’s computer”.
Authy have demonstrated why this is a problem, plus they’re closed source, so it’s a big no from me.
derpgon@programming.dev 11 months ago
Vaultwarden, a FOSS Bitwarden server compatible with upstream clients, is able to store TOTP, and when self hosted, you are the watchmen.
killeronthecorner@lemmy.world 11 months ago
Yeah, this is fine. It’s closed source, opaque cloud solutions that people should be wary of.