You still need my(edit: I need mine, but you can use yours) phone but with the Firefox add-on you just need to accept the pushed notification for it to autocomplete the code
And it’s opensource
flumph@programming.dev
on 09 Jan 2024 00:58
nextcollapse
I can’t tell from their page – is it syncing via a SaaS service or just out to a file store like Google Drive?
Edit: It does sync with Google Drive and file exports. No SaaS component that I can see.
Thanks for the recommendation. Started working on migrating all of my 2FA over from Authy. The process sucks (that’s not the fault of 2FAS), but I really like 2FAS as an app so far.
whyNotSquirrel@sh.itjust.works
on 09 Jan 2024 17:16
collapse
yeah switching is a pain, also chose it for this reason, there’s an export option if I want to change again once
shortwavesurfer@lemmy.zip
on 08 Jan 2024 10:56
nextcollapse
I use KeePassXC on desktop
dvdnet89@lemmy.today
on 08 Jan 2024 11:12
nextcollapse
It’s $10 annually in case you thought it was monthly. I’d imagine if you went in and subbed, then cancelled the sub, you’d still have your year you paid for. But yah, I’d like an option to not auto-renew, even though I do.
unwillingsomnambulist@midwest.social
on 08 Jan 2024 13:17
collapse
Need to pay for a subscription for TOTP. It’s like $10/year for the personal plan.
CosmicTurtle@lemmy.world
on 08 Jan 2024 13:21
nextcollapse
Which is damn near cheap compared to other companies. I personally use dashlane (I know I know I should self host but I don’t trust myself for something as important as passwords) and that’s $60 for their premium package.
rambaroo@lemmy.world
on 08 Jan 2024 15:54
nextcollapse
Cool, I might check it out then. I knew I’d have to move off of authy eventually.
reev@sh.itjust.works
on 08 Jan 2024 16:32
collapse
I love my bitwarden but is it less secure to have all your eggs in one basket? That’s the main reason I’ve been using separate apps so far.
unwillingsomnambulist@midwest.social
on 08 Jan 2024 19:07
collapse
It may very well be, especially if the basket your eggs are in is full of holes. I always figure, as long as it isn’t a pad of paper on a desk, or a company that regularly makes headlines due to security breaches, I should be okay.
stealth_cookies@lemmy.ca
on 08 Jan 2024 16:46
nextcollapse
It is a bad idea to have your password manager and 2FA be the same app though. You want to spread it around so one attack can’t break your logins.
ikidd@lemmy.world
on 08 Jan 2024 17:00
nextcollapse
You aren’t wrong and I should rethink that. But BW is so damn handy.
BearOfaTime@lemm.ee
on 08 Jan 2024 17:41
nextcollapse
Good point.
Is it realistic (i.e. is it secure enough) to self-host 2 Bitwarden, one for passwords, one for authentication?
Or would splitting that between 2 Bitwarden logins work?
I just throwing stuff at the wall, I haven’t thought either of these through yet.
While that is true, the risk of someone brute forcing into an account of mine on the login side than on mine. That's what I use 2FA against. If they managed to break into my vault, they'd have broken into my Mailserver and whatnot, so....
bdonvr@thelemmy.club
on 08 Jan 2024 21:43
collapse
Yeah, I already run Vaultwarden. But like others I don’t really want to combine my tokens and passwords.
jlh@lemmy.jlh.name
on 08 Jan 2024 13:51
nextcollapse
I just use FreeOTP+ on my phone. It’s a fork of a Red Hat authenticator, and completely open source and available on F-Droid.
No sync, but you can export the TOTP secrets if you want to back them up/move them.
JustUseMint@lemmy.world
on 08 Jan 2024 17:21
collapse
Thanks was looking for something like this
stardreamer@lemmy.blahaj.zone
on 09 Jan 2024 07:12
collapse
Bitwarden has TOTP support with a pro license. Or you can just selfhost (using vaultwarden) and have all the features instead.
mlaga97@lemmy.mlaga97.space
on 08 Jan 2024 14:26
nextcollapse
Plugging pass/Password Store/Android Password Store for anyone wanting a good wrapper around git+pgp for desktop/Android using a YubiKey or similar hardware security key. It has pretty good OTP support built-in.
Monomate@lemm.ee
on 08 Jan 2024 17:33
nextcollapse
That’s an awful decision by Twilo. I deliberately only install Authy on my Desktop computers because they’re always at home and cannot be easily stolen/lost like my phone.
Only reason to choose Authy over anything else tbh. This just basically killed the product.
dantheclamman@lemmy.world
on 08 Jan 2024 22:08
nextcollapse
Twilio is under a lot of pressure from shareholders eager for more profit (CEO was just pushed out), so I figure this is just the start of a long wave of enshittification. I switched to Authenticator Pro (Android), which is much better in every way. Can backup between devices, has WearOS support, and a proper dark mode. I’d use bitwarden, but I hesitate to keep my TOTP keys in same place as my passwords
Pika@sh.itjust.works
on 08 Jan 2024 23:17
nextcollapse
well I’m now in the market for a new MFA app, anyone have any recommendations? Preferably one with a desktop alternative.
Bangs42@lemmy.world
on 09 Jan 2024 04:39
nextcollapse
I’ve started migrating all of my 2FA over to 2FAS. No desktop app per se, but it does have extensions for all major browsers, and apps for iOS and Android. You control the syncing of the 2FA (either automatically via Google Drive or via manual bulk exports to a local file), no SaaS bullshit.
icedterminal@lemmy.world
on 09 Jan 2024 06:42
nextcollapse
Pika@sh.itjust.works
on 09 Jan 2024 18:52
collapse
I think this was what I was planning on switching to when my current password manager subscription ran out anyway, and coincidentally I think it’s going to run out around the same time so this might be the alternative I try. I didn’t realize that you were able to use one time use codes via it
SirEDCaLot@lemmy.today
on 09 Jan 2024 03:48
collapse
BitWarden all the way. Stores your passwords, stores your 2FA, stores your passkeys.
KingThrillgore@lemmy.ml
on 09 Jan 2024 05:28
nextcollapse
I use Authy on mobile and have for years. When they gonna discontinue that?
NarrativeBear@lemmy.world
on 09 Jan 2024 05:46
nextcollapse
Aegis is a good alternative. Took a while to do the transfer as they don’t allow export of the tokens.
DLSantini@lemmy.ml
on 09 Jan 2024 07:48
nextcollapse
I didn’t even realize they had a desktop app. I’ve been using the mobile app for a few years. I was just thinking about installing the mobile app in my WSA install, since it just didn’t even occur to me that there was a desktop version. I guess now it doesn’t matter either way.
_edge@discuss.tchncs.de
on 09 Jan 2024 21:39
collapse
OK. Can someone please help me how to export?
I have Authy 2.4.2 on Linux desktop (too recent for the --remote-debugging-port option used here to work) and Authy 24.13.6 on Android.
I use mostly the Android version, but sync to the Desktop / Chrome App was a nice backup. If they discontinue this I’m not sure what’s next and would prefer some Android app where I can access the backup. I have Bitwarden Pro if this helps, but my first concern is to get the tokens out of Authy.
threaded - newest
Good thing I made the switch to 2FAS
You still need
my(edit: I need mine, but you can use yours) phone but with the Firefox add-on you just need to accept the pushed notification for it to autocomplete the codeAnd it’s opensource
I can’t tell from their page – is it syncing via a SaaS service or just out to a file store like Google Drive?
Edit: It does sync with Google Drive and file exports. No SaaS component that I can see.
Thanks for the recommendation. Started working on migrating all of my 2FA over from Authy. The process sucks (that’s not the fault of 2FAS), but I really like 2FAS as an app so far.
yeah switching is a pain, also chose it for this reason, there’s an export option if I want to change again once
I use KeePassXC on desktop
I would prefer this one for UI consistency and it is open source and we can setup PWA as well github.com/ente-io/auth?tab=readme-ov-file#-downl…
Yeah I’m in the process of switching my OTP stuff to keepassxc. Better hurry that up.
I did it all using this. Took me about half an hour to migrate all my 15-something accounts to KeepassXC.
Definitely. Having my 2FA in a local database that I can back up physically is the best.
Made the switch to Aegis a little while back. I like it a lot.
Aegis is just for Android. This is about a desktop program being discontinued.
There is OTPClient [0] for Linux which can be used to import your Aegis keys.
[0] github.com/paolostivanin/OTPClient
I just want a selfhostable Authy clone. Is that too much to ask?
Bitwarden can do everything Authy can afaik
BitWarden can generate 2FA tokens? I don’t see any option for that on Android
2FA need a active subscription i believe bitwarden.com/help/authenticator-keys/
Or you self host
True!
I self-host, but I still pay for their premium because it’s a damn good product I want to see kept maintained for years to come.
I mean, cmon, it’s $10. Almost cheaper than a banana.
That’s a good point.
I’m not paying currently because I don’t use their online service.
Adding them to my “Annual Donate to Software I find Useful” list, that I just started this year.
I despise subscriptions. For apps that have a hosted portion, I understand them, but I’d still rather pay annually.
It’s $10 annually in case you thought it was monthly. I’d imagine if you went in and subbed, then cancelled the sub, you’d still have your year you paid for. But yah, I’d like an option to not auto-renew, even though I do.
Oh, I saw that it was $10 for the year. That’s crazy cheap.
I just want my stuff on my stuff, after the Lastpass debacle last year - it was the last straw to push me into self hosting everything.
Lucille?
Glad someone caught that.
Thanks.
Vaultwarden can. Self hosting isn’t for everyone though.
Given that the comment was a demand for self hostable Authy, I think they might wanna :P
.
Ha. Apparently two comments worth of context is too much for me to handle.
Lol.
Welcome to the club, mate! 🤣
Need to pay for a subscription for TOTP. It’s like $10/year for the personal plan.
Which is damn near cheap compared to other companies. I personally use dashlane (I know I know I should self host but I don’t trust myself for something as important as passwords) and that’s $60 for their premium package.
Cool, I might check it out then. I knew I’d have to move off of authy eventually.
I love my bitwarden but is it less secure to have all your eggs in one basket? That’s the main reason I’ve been using separate apps so far.
It may very well be, especially if the basket your eggs are in is full of holes. I always figure, as long as it isn’t a pad of paper on a desk, or a company that regularly makes headlines due to security breaches, I should be okay.
It is a bad idea to have your password manager and 2FA be the same app though. You want to spread it around so one attack can’t break your logins.
You aren’t wrong and I should rethink that. But BW is so damn handy.
Good point.
Is it realistic (i.e. is it secure enough) to self-host 2 Bitwarden, one for passwords, one for authentication?
Or would splitting that between 2 Bitwarden logins work?
I just throwing stuff at the wall, I haven’t thought either of these through yet.
While that is true, the risk of someone brute forcing into an account of mine on the login side than on mine. That's what I use 2FA against. If they managed to break into my vault, they'd have broken into my Mailserver and whatnot, so....
Yeah, I already run Vaultwarden. But like others I don’t really want to combine my tokens and passwords.
I just use FreeOTP+ on my phone. It’s a fork of a Red Hat authenticator, and completely open source and available on F-Droid.
No sync, but you can export the TOTP secrets if you want to back them up/move them.
Thanks was looking for something like this
Bitwarden has TOTP support with a pro license. Or you can just selfhost (using vaultwarden) and have all the features instead.
.
Plugging pass/Password Store/Android Password Store for anyone wanting a good wrapper around git+pgp for desktop/Android using a YubiKey or similar hardware security key. It has pretty good OTP support built-in.
That’s an awful decision by Twilo. I deliberately only install Authy on my Desktop computers because they’re always at home and cannot be easily stolen/lost like my phone.
Only reason to choose Authy over anything else tbh. This just basically killed the product.
Twilio is under a lot of pressure from shareholders eager for more profit (CEO was just pushed out), so I figure this is just the start of a long wave of enshittification. I switched to Authenticator Pro (Android), which is much better in every way. Can backup between devices, has WearOS support, and a proper dark mode. I’d use bitwarden, but I hesitate to keep my TOTP keys in same place as my passwords
well I’m now in the market for a new MFA app, anyone have any recommendations? Preferably one with a desktop alternative.
I’ve started migrating all of my 2FA over to 2FAS. No desktop app per se, but it does have extensions for all major browsers, and apps for iOS and Android. You control the syncing of the 2FA (either automatically via Google Drive or via manual bulk exports to a local file), no SaaS bullshit.
You can use KeePassXC on desktop github.com/keepassxreboot/keepassxc
I think this was what I was planning on switching to when my current password manager subscription ran out anyway, and coincidentally I think it’s going to run out around the same time so this might be the alternative I try. I didn’t realize that you were able to use one time use codes via it
BitWarden all the way. Stores your passwords, stores your 2FA, stores your passkeys.
I use Authy on mobile and have for years. When they gonna discontinue that?
Aegis is a good alternative. Took a while to do the transfer as they don’t allow export of the tokens.
I didn’t even realize they had a desktop app. I’ve been using the mobile app for a few years. I was just thinking about installing the mobile app in my WSA install, since it just didn’t even occur to me that there was a desktop version. I guess now it doesn’t matter either way.
OK. Can someone please help me how to export?
I have Authy 2.4.2 on Linux desktop (too recent for the --remote-debugging-port option used here to work) and Authy 24.13.6 on Android.
I use mostly the Android version, but sync to the Desktop / Chrome App was a nice backup. If they discontinue this I’m not sure what’s next and would prefer some Android app where I can access the backup. I have Bitwarden Pro if this helps, but my first concern is to get the tokens out of Authy.