Hey, I need to move one day of Google Authenticator, and I was wondering if their was a project like Bitwarden for 2 Factor Authentication
Take care!
Hey, I need to move one day of Google Authenticator, and I was wondering if their was a project like Bitwarden for 2 Factor Authentication
Take care!
Aegis Authenticator for Android: https://getaegis.app/
Raivo OTP for iOS: https://raivo-otp.com/
2FAS however is cross-plataform, open source, and what I'm using right now: https://2fas.com/
Wow, the program that keeps on giving, I'm surprised, I just checked, and I think I'm going to move my 2FA to Bitwarden
I use bitwarden for the bulk of my 2fas and aegis for the 2fa for bitwarden itself and a couple other sensitive/important sites that I want separated. Be sure to back up your 2fas somehow for bitwarden.
Bitwarden provides a facility for MFA. Though there's an argument to be made against eggs + baskets. It might defeat threw purpose a bit.
I use Aegis which is opensource and easily encrypted and backed up locally. Saved my ass where I accidentally deleted my 2FA for Bitwarden, thus locking me out in circle of shite. Aegis allowed me to roll back and pull in that one missing key without having to redo a load i'd made since the last backup and all was good.
Yea, I think everyone that is saying Bitwarden supports 2FA is missing the point of 2FA. You don’t want it to be in the same place where all your passwords are, otherwise if someone gets access to your passwords they essentially can prove they are you.
That being said, I use a mixture of Authy + Bitwarden. Bitwarden for sites that require it but aren’t really a priority for me to keep separated, and Authy for 2FA codes that I prefer being separate from my passwords.
You can use Bitwarden Premium for 2FA keys. It's pretty cheap and well worth it to support development ($10/yr).
If you're on Android and don't want to pay for Bitwarden Premium, I'd use something like Aegis Authenticator.
I personally think it's best to keep 2FA keys out of password managers.
The whole point of 2FA is to have a seconds factor to authenticate you.
If someone gets access to your password vault with your 2FA keys, they have access to all of your accounts - 2FA protected it not. If you keep the keys in another app, they cannot access your accounts nearly as easily.
Yes: Bitwarden.
Idk about the central instance, but I use my bitwarden (specifically vaultwarden) instance for my TOTP keys. I can just autofill and then it copies the current TOTP key and i can paste it in to log into whatever i'm logging into!
KeePass. You need TOTP plugin for Windows and there is a nice Android app that implements it out of the box. They also support Steam OTP, though it's a bit hard to set up.
There is also KeePassXC if you want a cross-platform client, but I have no idea how good it is as I never used it.
KeepassXC is a really good option. I was using it for a while and it was great but bitwarden syncing is just so convenient.
I'm just hosting a file server for that. A bit too concerned about giving my passwords to a third party.
I don't think I'd go with Yubikey, but just because that's what I'm using at work, that's the only reason
I have been tempted to get yubikeys but it seems like a hassle to have two and keep them in "sync".
This is the way tbh. Though honestly it’s not bad to have two, usually when a website has an MFA flow you can set up the second at the same time, I only have one 5C NFC and it works with my phone and laptops (and iPad)
On iOS/iPadOS/macOS there’s a fantastic app named “OTP Auth”, highly recommend it.
Link for anyone interested: https://apps.apple.com/app/id659877384
Google Authenticator is just a UI for TOTP which is standardized. I've used Authy for many years. But there's also many many implementations: https://search.f-droid.org/?q=totp&lang=en
Just plain old TOTP? A lot of applications support it, you could even implement one yourself if you are brave, as the algorithm is very simple (don't do that): https://datatracker.ietf.org/doc/html/rfc6238