69

I just switched to Authenticator Pro from Authy and I've been very pleased. It took some time to get my codes transferred over, but now I have android wear support, night mode, and my codes aren't held hostage by Twilio!

top 50 comments
sorted by: hot top controversial new old
[-] ModdedPhones@lemmy.ml 27 points 1 year ago* (last edited 1 year ago)

AndOTP Foss and all things I want (encrypted backups,qr etc)

[-] skar3@feddit.it 26 points 1 year ago
[-] privsecfoss@feddit.dk 23 points 1 year ago

I like Aegis being FOSS and for it's backup.

[-] FarLine99@lemm.ee 3 points 1 year ago

Keepass for passwords AND 2FA codes. It is really awesome to have them in one place.

[-] privsecfoss@feddit.dk 3 points 1 year ago

I agree, but not very secure if Keepass is compromised. For security I think it's better to separate passwords and MFA.

load more comments (1 replies)
load more comments (1 replies)
load more comments (1 replies)
[-] Trapping5341@lemmy.world 22 points 1 year ago

I use bitwarden for 99% of my 2FA. The rest goes into both Google Auth and Authy.

[-] revanite@lemm.ee 6 points 1 year ago

I use bitwarden for all but it's protected by a yubikey.

load more comments (1 replies)

This is the way to go! Bitwarden's authenticator is just so smoothly integrated into the login process - Ctrl-Shift-L to login, them Ctrl-V to paste the code.

I use yubikeys wherever they're available and I use Aegis for the rare TOTP I don't store in Bitwarden.

[-] Trapping5341@lemmy.world 4 points 1 year ago

Been looking into getting a yubikey recently and just can't bring myself to bite the bullet.

load more comments (2 replies)
[-] Wizza@lemmy.zip 5 points 1 year ago

Oh, didn't know bitwarden also managed 2FA, could've saved the space from using authy. Is that a (somewhat) new feature or is it just me being blind and missing it?

[-] Trapping5341@lemmy.world 3 points 1 year ago

It's not as obvious as the other apps for sure and requires the premium subscription which is like 10 bucks a year. Was an instant buy for me when I switched over. When you auto fill a login it will automatically copy your 2FA key to quick paste into the box. I love it.

[-] Wizza@lemmy.zip 2 points 1 year ago

That does sounds nice, but on the other hand... i do like free stuff, instead of paying for subscriptions...

[-] Trapping5341@lemmy.world 2 points 1 year ago

Yeah I don't disagree but $10 a year is well worth it imo. Plus it keeps all your passwords and 2FA in one easy place.

load more comments (2 replies)
[-] dantheclamman@lemmy.world 2 points 1 year ago

So you store the TOTP for Bitwarden in one of the other apps?

[-] floppy@rabbitea.rs 4 points 1 year ago

I use Bitwarden for 2FA and the Bitwarden TOTP is in Aegis (I switched there from Authy after seeing a mention of it yesterday - never liked that it's near impossible to get the tokens back out of Authy, but Bitwarden is the only thing I use it for). Actually the Bitwarden code is in Bitwarden too 😉.

I don't particularly like that the passwords and TOTP are stored together, but it makes things much more convenient.

load more comments (1 replies)
[-] baatliwala@lemmy.world 20 points 1 year ago

Aegis is FOSS and supports easy backup and restore. TOTP 2FA isn't a very changing or proprietary technology so using open source options are easy.

[-] FinancedPizza@lemming.quest 19 points 1 year ago

Aegis, simple, Foss, and has all the features I'd want (ex: biometrics).

[-] a_spooky_specter@lemmy.world 3 points 1 year ago

Biometrics got me. One day it stopped working and I had forgotten the password since I wasn't using it frequently.

load more comments (1 replies)
[-] CaldeiraG@lemmy.world 11 points 1 year ago

Used andOTP but got discontinued, Aegis is the king now :)

load more comments (2 replies)
[-] TacoRaptor@lemmy.world 9 points 1 year ago

Aegis user here ✌️ I've never had any issues since I started using it. Switched to it and Bitwarden after using LastPass for quite a bit. I know Bitwarden has 2FA but I haven't decided if I want premium yet or not.

[-] dantheclamman@lemmy.world 4 points 1 year ago

I actually have Bitwarden premium, which I subscribe to because it costs very little and I like the service a lot. Would be super convenient to have codes pop up automatically, but I am wondering if it's a good idea to store everything in one place. May eventually move over, but it is quite convenient to have the codes on Android Wear for now :)

load more comments (1 replies)
[-] Ginjutsu@lemmy.world 8 points 1 year ago

Aegis all the way, but I'm curious about Bitwarden's offering. May check it out one of these days.

[-] MusketeerX@lemmy.world 7 points 1 year ago

Using Authy. Pretty happy with it. It's key feature for me has been the ability to easily restore if you lose, reset or upgrade your device, without having to mess around with your own backup and syncing.

Would suck to reset your phone and discover the sync had failed and the backup was not up to date.

I would like to have it on Wear OS though....

[-] dantheclamman@lemmy.world 4 points 1 year ago

Authy is alright but I found myself increasingly uneasy. No major updates for a very long time and being owned by a giant security corporation, combined with the inability to export my codes, left me feeling like it was enshittification waiting to happen. I wanted dark mode and more control over the icons and organization too

[-] MusketeerX@lemmy.world 3 points 1 year ago

Yeah. If it gets enshittified or sold to a dodgy company, I'd not hesitate to migrate.

Might bookmark this thread for if (when?) that time comes.

load more comments (2 replies)
[-] stown@sedd.it 6 points 1 year ago

If you are already using BitWarden as your password manager you should know that it also supports 2FA. Before I figured that out I was using Google authenticator because it saves to the cloud and I was paranoid about losing my 2FA.

[-] MartianFox@feddit.de 4 points 1 year ago

But is it really still a second factor when it is stored in the same app that stores the first factor of authentication?

[-] stown@sedd.it 3 points 1 year ago

Well that just raises questions about password managers in general. Why protect all your unique passwords with one that you likely never change?

[-] zipsglacier@lemmy.world 4 points 1 year ago

Is this a rhetorical question? One very very strong password that is never passed to a third party, managing a separate passwords that do have to be sent over the internet, is definitely a better strategy. It makes 2FA redundant for the majority of standard threat models, and that's why bitwarden includes support for those timings too.

load more comments (1 replies)
[-] JuvenoiaAgent@lemmy.ca 4 points 1 year ago

I use Authenticator Pro like you. We are the same.

[-] wegettosss@lemmy.world 4 points 1 year ago

I've been using Microsoft authenticator for a long time but authenticator pro looks decent. Just tried to export stuff from Microsoft app and there is one interesting thing: i will have to do all of my accounts manually. Yep, no export. But i will do it, after that i eill have not a single app from Microsoft which means my privacy will be happier

[-] Cakeboss16@lemmy.world 4 points 1 year ago

I think some people get to paranoid with 2fa with storing in password manager. Like if you have a high threat model keep it separate. But for most people just having a password manager with 2fa is streets ahead of 99 percent of people.

[-] forbiddenlake@fedia.io 3 points 1 year ago

I use Authy, but these comments are going to make me check out Authenticator Pro, especially since I see its backup story on the main page, and it supports sha256, which Authy does not (and enabling current Lemmy 2fa silently fails).

[-] rodrigoswz@lemdro.id 3 points 1 year ago* (last edited 1 year ago)

Authenticator Pro here too

Material You, Wear OS and auto backup is a game changer!

[-] noneabove1182@sh.itjust.works 3 points 1 year ago

I've been using microsoft's authenticator and it works well, but reading these comments i'm thinking it may be time to consider a change..?

[-] mfat@lemdro.id 4 points 1 year ago

Microsoft Authentication didn't allow me restore my backed up codes when I switched from iPhone to Android.

[-] dantheclamman@lemmy.world 3 points 1 year ago

Whatever works for you, but I switched from Authy because it didn't have the features I wanted, and I was uncomfortable with them holding my codes in a non-portable format!

[-] gogosempai@programming.dev 3 points 1 year ago

Authenticator Pro is quite good and looks beautiful with material theming. I've recently completed shifted to Proton Pass though, which is a complete E2EE password manager having support for 2FA as well. It's synced with Firefox on my desktop and laptop.

load more comments (2 replies)
[-] AbidanYre@lemmy.world 3 points 1 year ago

A lot of people like Aegis. I just keep it all in VaultWarden because I'm lazy and it's easier.

[-] Chifilly@lemmy.world 3 points 1 year ago

I just use Bitwarden. I can have my passwords and TOTP all in one place, and if I auto-fill, I can have it automatically copy the TOTP to the clipboard to make it even easier

[-] Whirlybird@aussie.zone 3 points 1 year ago

Bitwarden and Microsoft Authenticator. Both are fully featured password managers with 2FA code support.

[-] w2tpmf@kbin.social 2 points 1 year ago
[-] Kerrigor@kbin.social 2 points 1 year ago

Microsoft. It's one of the most convenient ones, and there's no risk of them selling to a company like Tencent etc. The evil you know and all that

load more comments (1 replies)
[-] Veraxus@kbin.social 2 points 1 year ago

Anything that works with 1Password is fine by me.

[-] Raisin8659@monyet.cc 2 points 1 year ago

2FAS are on both Android and iOS. Also has a browser extension that may make entering the 2FA on the desktop more pleasant. Free. Open-sourced.

[-] bill@fedia.io 2 points 1 year ago

I use FREEOTP+. It's on F-Droid and Gstore. It easily exports to JSON and key URI formats. Has a dark mode.

load more comments (1 replies)
load more comments
view more: next ›
this post was submitted on 17 Jul 2023
69 points (97.3% liked)

Android

17640 readers
153 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

🔗Universal Link: !android@lemdro.id


💡Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.


Support, technical, or app related questions belong in: !askandroid@lemdro.id

For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id

💬Matrix Chat

💬Telegram channels / chats

📰Our communities below


Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More


founded 1 year ago
MODERATORS