I just switched to Authenticator Pro from Authy and I’ve been very pleased. It took some time to get my codes transferred over, but now I have android wear support, night mode, and my codes aren’t held hostage by Twilio!
You must log in or register to comment.
Aegis ftw
I think some people get to paranoid with 2fa with storing in password manager. Like if you have a high threat model keep it separate. But for most people just having a password manager with 2fa is streets ahead of 99 percent of people.
Using Authy. Pretty happy with it. It’s key feature for me has been the ability to easily restore if you lose, reset or upgrade your device, without having to mess around with your own backup and syncing.
Would suck to reset your phone and discover the sync had failed and the backup was not up to date.
I would like to have it on Wear OS though…
Authy is alright but I found myself increasingly uneasy. No major updates for a very long time and being owned by a giant security corporation, combined with the inability to export my codes, left me feeling like it was enshittification waiting to happen. I wanted dark mode and more control over the icons and organization too
Yeah. If it gets enshittified or sold to a dodgy company, I’d not hesitate to migrate.
Might bookmark this thread for if (when?) that time comes.
Authy does have dark mode as a toggle in the settings, btw. Not sure when that was added.
Yes, but doesn’t track with system
Aegis is FOSS and supports easy backup and restore. TOTP 2FA isn’t a very changing or proprietary technology so using open source options are easy.
I’m a happy Aegis user but there are other similar FOSS apps that I don’t remember their names you might wanna check
deleted by creator
Used andOTP but got discontinued, Aegis is the king now :)
Aegis, simple, Foss, and has all the features I’d want (ex: biometrics).
Biometrics got me. One day it stopped working and I had forgotten the password since I wasn’t using it frequently.
I just use Bitwarden. I can have my passwords and TOTP all in one place, and if I auto-fill, I can have it automatically copy the TOTP to the clipboard to make it even easier
Authenticator Pro is quite good and looks beautiful with material theming. I’ve recently completed shifted to Proton Pass though, which is a complete E2EE password manager having support for 2FA as well. It’s synced with Firefox on my desktop and laptop.
Do you know if it’s possible to use Proton Pass just for 2FA or do I need to store my passwords there too?
You can use it just for 2FA if you want.
Aegis and keepassxc/dx for me. I just manually backup everytime I make a change which isnt often
Keepass for passwords AND 2FA codes. It is really awesome to have them in one place.
Kind oft defeats the purpose a bit having the second factor in the same place as the first. But I’m doing the same.
Why? If service you using will be compromised password will be known. But 2FA isn’t, so it is useful.
When somebody somehow gets access to your Keepass Database.
meh, too unrealistic situation for most people and me 🙂
Never say never.
We are talking about MOST time, not never. So it is valid argument. It can happen but I would not protect from this, too small chance. But 2FA thing is always useful, so Keepass 2FA is way better solution than do not have it at all 🙂
If you are already using BitWarden as your password manager you should know that it also supports 2FA. Before I figured that out I was using Google authenticator because it saves to the cloud and I was paranoid about losing my 2FA.
But is it really still a second factor when it is stored in the same app that stores the first factor of authentication?
Well that just raises questions about password managers in general. Why protect all your unique passwords with one that you likely never change?
Is this a rhetorical question? One very very strong password that is never passed to a third party, managing a separate passwords that do have to be sent over the internet, is definitely a better strategy. It makes 2FA redundant for the majority of standard threat models, and that’s why bitwarden includes support for those timings too.
