What 2FA app you recommend?
For Android, I recommend Aegis [Play Store] [F-Droid]
For iOS, I recommend 2FAS [App Store]
For Linux, I recommend OTPClient [Flathub]
For BSD, either try compiling OTPClient from source, or use KeePass.
2FA app
Submitted 1 year ago by badgrandpa@lemmy.world to privacyguides@lemmy.one
Comments
hellfire103@sopuli.xyz 1 year ago
CertainlyProbably@programming.dev 1 year ago
Aegis for android it’s the best , been using it for like 2 years now.
cheese_greater@lemmy.world 1 year ago
I recommend KeePass and I encourage everyone to consider it given its platform-agnostic portable format. What happened to Raivo cannot happen to KeePass and its more of a universal solution as opposed to 1) Android: Aegis 2) iOS: Tofu or OTP etc.
All of those are very good apps but the problem remains that they all have their own peculiar/specific format that doesn’t necessarily play nice with any other app. KeePass is a convention/format that doesn’t really vary between implementations.
ebits21@lemmy.ca 1 year ago
Same. I pair it with KeePassium on iOS.
Harrison@infosec.pub 1 year ago
Android is easy, Aegis.
IOS is much harder. Right now, probably “2FAs”. Authy is owned by Twilio, Raivo was just bought out by an advertising company, and the others are either too small to get the exposure required for any level of security or charge for the feature.
westingham@kbin.social 1 year ago
I'm out of the loop, why is Authy being owned by Twilio a bad thing?
Harrison@infosec.pub 1 year ago
It’s less that Twilio specifically owns it than problems resulting from corporate ownership. Briefly:
- You can’t get your data out of Authy. Actually you can, but it’s a long annoying process involving installing an out of date chrome extension and using developer tools.
- Privacy issues. Authy links a lot of data including location to your identity.
- Authy supports SMS account recovery (which is inherently insecure) and doesn’t allow users to disable it.
walden@sub.wetshaving.social 1 year ago
I’ve been happy with andOTP on Android.
Supercharger@lemm.ee 1 year ago
It’s good. Just keep in mind that it hasn’t been updated in a while…
walden@sub.wetshaving.social 1 year ago
I hadn’t even noticed. With all the mentions of Aegis it looks like I was behind the times. Aegis was able to import my andOTP entries so I’ll give it a try.
chemicalwonka@discuss.tchncs.de 1 year ago
Undoubtedly Aegis for Android, because it has the easiest way to backup your codes. Excellent! And it is open source without internet connection.
yessikg@lemmy.film 1 year ago
Yubikey authenticator
Extrasvhx9he@lemmy.today 1 year ago
For ios used to say raivo but i would honestly just make a kdbx file just for your totp seeds only and then use something like keepassium or strong box. I think those allow cloud syncing too but im not sure
lad1337@lemmy.world 1 year ago
iOS Authenticator Open source no frills 2fa
privacyfalcon9899@lemmy.one 1 year ago
2FAS or Ente Auth.
TheButtonJustSpins@infosec.pub 1 year ago
BitWarden. :)
JonEFive@midwest.social 1 year ago
Then what do you use for your password manager?
I’ve always been of the mindset that storing your 2fa next to your passwords at least partially defeats the purpose of 2fa.
The two types of attacks I worry about would be a hacked/leaked password from a third party site, or your password manager being compromised. While the latter is far less likely, it is still something I’d like to protect myself from as much as possible.
TheButtonJustSpins@infosec.pub 1 year ago
If my password manager is compromised, I’m well and truly fucked. If one site has shitty security (odds of which are approximately 1), having 2FA might help.
zap_cat@kbin.social 1 year ago
I'm using BW for both passwords and 2FA and have Yubikey set up for BitWarden.
Elw@lemmy.sdf.org 1 year ago
Still use Google Authenticator. I know there are alternatives out there that have other features but I’m a pretty strong believer that my 2FA shouldn’t be backed up digitally. I keep any recovery information offline and prefer it that way.
walden@sub.wetshaving.social 1 year ago
I’ve used andOTP and now Aegis (as a result of this thread). Neither require cloud backups.
WeAreAllOne@lemm.ee 1 year ago
I’ve used andotp for like 2 years. Why everyone is suggesting Aegis ? Did you find any major differences?
leraje@lemmy.blahaj.zone 1 year ago
For Android, Aegis. You can get it it on Play, on one of the numerous *-Droid sources or straight from GitHub with Obtanium.
Simple to use, open source, does encrypted exports. It’s perfect for me.
badgrandpa@lemmy.world 1 year ago
Ive got iPhone. Raivo was good until now
vegyk0z6@kbin.social 1 year ago
Moved to Raivo earlier this year and it’s great. Unfortunately it was just sold to a private company, so I’m looking for alternatives. From the replies here, might try 2FAs