At this moment Aegis is far superior to bitwarden auth. But it looks promising.
I really like the ability to “sideload” the icons for the codes and automatic encrypted backups to cloud storages.
Comment on Bitwarden has launched a new authenticator app
cyrus@sopuli.xyz 2 months ago
To those that are confused about this:
Bitwarden does indeed handle TOTP directly in the password manager, but only on paid accounts and only logged in.
This is a completely offline app, separate from your existing Bitwarden account, that is entirely free.
It might serve as an alternative to e.g Aegis to some.
Appoxo@lemmy.dbzer0.com 2 months ago
zingo@lemmy.ca 2 months ago
Not switchin’ from Aegis. No sir’ee.
RecluseRamble@lemmy.dbzer0.com 2 months ago
It might serve as an alternative to e.g Aegis to some.
Does it have any killer features in favor of using the free app of an for-profit company instead of an established FOSS app?
Tenkard@lemmy.ml 2 months ago
Bitwarden apps have been open source since the beginning, mobile + backend + web
lefixxx@lemmy.world 2 months ago
I use the TOPT features and i dont have a paid account
sugar_in_your_tea@sh.itjust.works 2 months ago
Do you self-host? I think that’s another way to get the TOTP features w/o a paid account.
lefixxx@lemmy.world 2 months ago
Probably but i am not
Serinus@lemmy.world 2 months ago
I haven’t been entirely happy with Bitwarden for other reasons. You can’t self host and share with one other person without paying them $40/year. Their advertising is deceptive, because they say you can do both for free. But that one or the other, not both.
jo3shmoo@sh.itjust.works 2 months ago
I don’t think I realized that was a limitation because I’ve been using the Vaultwarden fork. github.com/dani-garcia/vaultwarden
cyrus@sopuli.xyz 2 months ago
Have you heard if VaultWarden?
Vetinari@reddthat.com 2 months ago
As others have said vaultwarden is the solution here. It is free, you can manage multiple vaults, totp is free. All the platform bit warden apps & plugins work with it. Supposedly it is leaner and easier to set up. Don’t know for sure because it is all I have used.
For shared passwords, I have a family vault where I put my streaming pws and such and everyone has access without having to share my personal vault.
Serinus@lemmy.world 2 months ago
Yeah, VaultWarden sounds like the answer.
revv@lemmy.blahaj.zone 2 months ago
Is there a good reason I don’t know about to prefer this over Aegis?
SnotFlickerman@lemmy.blahaj.zone 2 months ago
No, they’re both ostensibly open source and standalone. I’m an avid Bitwarden Free user, but Aegis has been my go-to for a long time.
If it’s a standalone completely offline app, like Aegis, I’m at a loss to what they could offer that is any different than what Aegis already offers.
cyrus@sopuli.xyz 2 months ago
If you look at the roadmap they have in the blogpost, they are apparently planning tighter integration with the existing bitwarden suite
SnotFlickerman@lemmy.blahaj.zone 2 months ago
…but wouldn’t that undermine the fact that it’s standalone and offline?
sugar_in_your_tea@sh.itjust.works 2 months ago
How so? They already have TOTP built-in to the app if you pay for premium, so this is just a free competitor to their own offering.
I’m guessing they’re trying to make it a “gateway” to getting people on Bitwarden. Start with the TOTP app, then use the password manager, then pay for premium. Or something like that.
fluckx@lemmy.world 2 months ago
2FA push is on the roadmap. Does aegis have that? Or am I just too dense to realise it does?
SnotFlickerman@lemmy.blahaj.zone 2 months ago
I mean, Aegis is 2FA? That’s literally all it is? It generates One Time Pad codes for various sites and apps that support authentication apps.
So, I’m not sure what you mean?
cmhe@lemmy.world 2 months ago
I used to use Aegis, but after setting up my own vaultwarden, I use the normal bitwarden app/plugin on all my systems for passwords and TOTP.
The advantages are that I don’t need my phone to login, the keys are synced and backuped in the encrypted vaultwarden database, which I can then handle with normal server backup tools. It still works offline, because bitwarden app caches the password.
This is IMO much more convenient and secure (in a way that loosing access to a device doesn’t shut you out, and you don’t need to trust third parties) then most other solutions.
pitninja@lemmy.ml 2 months ago
Even if I hosted my own BitWarden vault, I wouldn’t put my passwords and 2 factor tokens in the same place because it’s eliminating the benefits that 2 factor provides if someone somehow manages to get into my vault.
rolling_resistance@lemmy.world 2 months ago
2 factor came into our life because people were using same passwords everywhere. With unique passwords, which are easy with password managers, it’s rarely needed.
cmhe@lemmy.world 2 months ago
There is not much difference between having two apps (password manager and authenticator app) or one app, that does both on the same device.
So, if you want more security, then you have to deal with a hardware token and never with a authenticator app. But then if you loose your token, then you have trouble.
derpgon@programming.dev 2 months ago
I don’t think it caches the password. Rather a decryption key is derived from your password and is used to unlock the encrypted blob.
cmhe@lemmy.world 2 months ago
What I meant is that is caches the password database for offline use.
Appoxo@lemmy.dbzer0.com 2 months ago
For now: No.