What authenticator app do you use? How do you back up? Any open-source, self-hosted options?
+1 for Aegis. Keep my secret codes in an encrypted backup file just in case.
I use Aegis, which automatically backs up with each change to the database to a folder that gets synced to a couple of different computers via Syncthing.
For backup codes, I have a separate KeePass database that’s backed up to a couple of places. I thought about using Bitwarden for this backup, but having my 2FA backups in the same place as my passwords kinda defeated the point, IMO.
Anyway, this system has worked well for me.
Yubico Authenticator and Aegis depending on the importance of the account. I have a secondary YubiKey for quick access backups and a KeePass database exclusively for my TOTP keys that I back up to my Nextcloud server in real time with versioning. Similarly, I back up my Aegis backups with the Nextcloud app.
For iOS I use Raivo. https://apps.apple.com/us/app/raivo-otp/id1459042137
2FAS, because it’s fucking beautiful (UI, dark mode, lovely site logos). It has a couple backup options. Also using Bitwarden (paid feature) for less important sites; it’s quicker but I prefer my 2FA truly separate from passwords.
Link for anyone else: https://2fas.com/
Thanks for the recommendation, I had not seen this project before and it looks fantastic.
This looks great! Was going to give it a try, but it doesn’t pull in the service name when importing from Aegis. I don’t want to try it bad enough to manually edit every entry. Lol.
I usually just use KeePassXC, which is open source and self-hosted (kinda). It’s synced over OneDrive, though something like Syncthing would work fine too.
No backups per se, but OneDrive should handle accidentally deleted files, and the database is on a few machines anyway so the chances of anything permanently happening to all copies are rather slim.
I use Aegis for 2FA and KeePassDX for password management. Syncthing keeps everything synced across devices without any effort on my part.
Aegis on Android, Raivo on iOS
Started with self hosting Vaultwarden
Moved onto an annual family subscription to Bitwarden
@daFRAKKINpope
What made you switch?
I have a somewhat unpopular take on this. If the service supports hardware tokens, I will use it, and only it, as my 2FA method. However, if the service doesn’t support hardware keys I scan and store the TOTP code in 1Password alongside the password of the service. I realize this will cause some eye rolls because it’s not real 2FA, BUT the 1Password login is protected with a hardware key and it’s extremely convenient.
I played around using TOTP with Yubico Authenticator in the past, but it turns out you can fit only so many TOTP codes into a single YubiKey (something like 20-30?). This is a showstopper for me since I have hundreds of accounts with TOTP enabled.
KeePassXC for me…
I use the open-source Bitwarden password manager as a self-hosted service and I am using its OTP feature as it is really handy.
I use both Aegis and Vaultwarden (self-hosted). Both can be backed up locally or synced.
Authy for OTP, Bitwarden for passwords.
As long as my provider shows some concern for the sensitivity of the data I entrust them with, I’m good.
I use Bitwarden for both passwords and TOTP. So much easier than messing around with multiple apps.