Comment on Google will now make passkeys the default for personal accounts
killeronthecorner@lemmy.world 11 months agoEach to their own but cloud syncing and MFA are a bad mix in my eyes. It has a “who watches the watchmen” problem and is somewhat defeats the point of having a trusted factor when you have an untrusted one on “someone else’s computer”.
Authy have demonstrated why this is a problem, plus they’re closed source, so it’s a big no from me.
derpgon@programming.dev 11 months ago
Vaultwarden, a FOSS Bitwarden server compatible with upstream clients, is able to store TOTP, and when self hosted, you are the watchmen.
killeronthecorner@lemmy.world 11 months ago
Yeah, this is fine. It’s closed source, opaque cloud solutions that people should be wary of.