Yep, and Vaultwarden too!
Comment on Google Says Sorry After Passwords Vanish For 15 Million Windows Users.
Mwa@thelemmy.club 1 month agoso no more authy? BITWARDEN HAS THAT BUILT IN??? thats AWESOME
Allero@lemmy.today 1 month ago
dan@upvote.au 1 month ago
The most secure practice for any high-value accounts (email etc) is to use WebAuthn with a hardware key like a Yubikey.
TOTP is still vulnerable to phishing (a fake login page can ask for both a password and a TOTP code) so business/corporate environments are moving away from them.
Allero@lemmy.today 1 month ago
Sure, hardware keys are superior!
I’m only talking about best practtices when using TOTPs in particular.
Mwa@thelemmy.club 1 month ago
Alr
qaz@lemmy.world 1 month ago
It is a paid feature though if you don’t selfhost
Mwa@thelemmy.club 1 month ago
Oh
TurdMongler@lemmy.world 1 month ago
But it’s cheap! $10 a YEAR when I last checked.
Mwa@thelemmy.club 1 month ago
alr
dan@upvote.au 1 month ago
The paid features aren’t free if you self-host either. They’re free if you use Vaultwarden though.
Dreamless4561@sh.itjust.works 1 month ago
Yep, for only $10 per year. But just make sure to keep backups of your vault and/or make an emergency kit.
Hexarei@programming.dev 1 month ago
So does keepass