What authenticator app do you use? How do you back up? Any open source self hosted options?
2FAS, because it’s fucking beautiful (UI, dark mode, lovely site logos). It has a couple backup options. Also using Bitwarden (paid feature) for less important sites; it’s quicker but I prefer my 2FA truly separate from passwords.
Link for anyone else: https://2fas.com/
Thanks for the recommendation, I had not seen this project before and it looks fantastic.
This looks great! Was going to give it a try, but it doesn’t pull in the service name when importing from Aegis. I don’t want to try it bad enough to manually edit every entry. Lol.
I use Vaultwarden server with the Bitwarden app for all passwords and 2fa keys in one app
I usually use authy for 2fa and bitwarden for passwords
Yubico Authenticator + nfc yubikeys
Only downside with Yubikeys is that you can’t really have backups. The solution is to have two of them, and add the 2FAs to each of them every time you sign up for a new account. It does mean you pretty much can’t have offsite backups though.
Personally I keep a USB-A with NFC one on my keyring and then a USB-C one at my desk, which covers every device I have.
Exact same setup!! I have 2 keys, one on my keychain, one in my safe! My totp is thru yubico authenticator, and some are in aegis
Same. It’s just soo convenient
https://github.com/tadfisher/pass-otp + Android Password Store with an NFC YubiKey
An nfc enabled Yubikey so I can use it with my phone and computer
@workinkindofhard @MenacingMight definitely my favorite security tool, I just need to buy a 2nd copy in case I lose mine
Same here. I have two keys (one as backup just in case). I just wish more stuff would support FIDO2 so I don’t need to have as many TOTP keys (since apparently there’s a limit on how many TOTP keys it can store).
I have 2 yubi keys for the more important systems and store the rest in bitwarden.
With your 2 yubi keys, is it possible to set one up as a clone of the other? I’ve been manually adding to both keys but that’s a pain when I don’t have the backup with me.
No, you do have to set them up separately/while you have both on hand. Being able to clone them would kind of defeat their point :)
1password for me, as I get a family account through my work, as we have a corporate plan and every employee gets access to a family plan as a perk. The family plan is separate and not accessible through work so no one gets access to anything private, it’s just a regular 1pass account we get for free basically.
I know it’s the “worst” option now (didn’t when I was signing up), but I use Google Authenticator. So far no issues and haven’t locked myself out
Same, I figure as long as they don’t push me to use the cloud connected backup feature I’m ok. I also started backing up the totp keys to my selfhosted bitwarden as an extra measure on top of my regular NAS+rsync.net backups of the qr images
https://github.com/dani-garcia/vaultwarden with the official Bitwarden App/Firefox extension
Second this
I have been using this https://github.com/beemdevelopment/Aegis It’s great!
edit: I will add that 1password works well too. I use that for work.
I’ll second Aegis!
I second aegis
I second Aegis too.
Keepassxc Database with keepassxcxc and yubikey :)
The moment I learned that I can use TOTP with KeePassXC killed Aegis for me :)
I use Aegis for important apps and store all non-critical ones in vaultwarden. It’s a good trade-off in my opinion of having the convenience for less important things but still be secure and not having a single point of compromise for my critical, sensitive apps.
For iOS I use Raivo. https://apps.apple.com/us/app/raivo-otp/id1459042137
That looks great! I won’t be able to switch though because I need it to work across everything, and sadly it doesn’t have web or Windows apps, which I would need for my day at work (since I can’t have my phone on me at work)
Same. Switched over from Authy recently and I highly recommend it!
I love the macOS clipboard feature.
The best!
I was on Authy, but painfully migrated to Aegis. I keep a backup on my NAS just in case.
I think Authy was the better app, and good with it working on my PC, but Aegis is more secure so that won.