Comment on Need recommendations on something like Vaultwarden but for 2FA only.
morethanevil@lmy.mymte.de 11 months ago
In my opinion the best 2FA is a yubikey. They have an TOPT app too, but I prefer webauthn.
do you have two or more yubikeys? how do you handle sites that only allow registering a single webauthn dongle? how do you handle backup 2fa?
loosing my yubikey is the main reason why i havent used it yet for webauthn. I just use pass and openpgp keys stored on the yubikey as that way it was possible to backup the encryption private key to a seperate usb drive that can be used to restore it later if needed.
I have 2 yubikeys, one for backup in a safe place. If a site only allows one key, like PayPal, I use another method. Yubikeys are for 2FA on my nextcloud and bitwarden mainly. Both have backupkeys in case you lose them. Those keys are printed out and stored in a safe place too.
vividspecter@lemm.ee 11 months ago
I wish that cloudflare deal was still available. They are pretty expensive at RRP, although probably worth it on balance.
morethanevil@lmy.mymte.de 11 months ago
If yubikeys are too expensive for you, you can use the security keys. Webauthn is supported, but not TOTP. You could use vaultwarden or bitwarden for TOTP and the Security key as 2FA for bitwarden 🤔
vividspecter@lemm.ee 11 months ago
I’m actually using KeepassXC etc at the moment and am waiting on them to support
hmac-secretso the cheaper security keys work. Although I’m willing to switch to vaultwarden, I’d be more comfortable with both supporting it before I invest in it.