I just switched to Authenticator Pro from Authy and I’ve been very pleased. It took some time to get my codes transferred over, but now I have android wear support, night mode, and my codes aren’t held hostage by Twilio!

    • ASK_ME_ABOUT_LOOM@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      This is the way to go! Bitwarden’s authenticator is just so smoothly integrated into the login process - Ctrl-Shift-L to login, them Ctrl-V to paste the code.

      I use yubikeys wherever they’re available and I use Aegis for the rare TOTP I don’t store in Bitwarden.

        • ASK_ME_ABOUT_LOOM@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          If you can catch a good sale, they’re more affordable .I picked up two for about US$45 for their “May the Fourth” one-day sale in 2022.

          • Trapping5341@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Now that’s a price I can get behind. I think they are $55 for 1 of the series 5 right now. I debated just getting a security key version for $25 but I know I’ll just end up getting the higher tier later because I don’t really understand them and how they work.

    • Wizza@lemmy.zip
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Oh, didn’t know bitwarden also managed 2FA, could’ve saved the space from using authy. Is that a (somewhat) new feature or is it just me being blind and missing it?

      • Chris@rabbitea.rs
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        I use Bitwarden for 2FA and the Bitwarden TOTP is in Aegis (I switched there from Authy after seeing a mention of it yesterday - never liked that it’s near impossible to get the tokens back out of Authy, but Bitwarden is the only thing I use it for). Actually the Bitwarden code is in Bitwarden too 😉.

        I don’t particularly like that the passwords and TOTP are stored together, but it makes things much more convenient.

  • baatliwala@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    ·
    1 year ago

    Aegis is FOSS and supports easy backup and restore. TOTP 2FA isn’t a very changing or proprietary technology so using open source options are easy.

  • TacoRaptor@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    Aegis user here ✌️ I’ve never had any issues since I started using it. Switched to it and Bitwarden after using LastPass for quite a bit. I know Bitwarden has 2FA but I haven’t decided if I want premium yet or not.

    • dantheclamman@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      I actually have Bitwarden premium, which I subscribe to because it costs very little and I like the service a lot. Would be super convenient to have codes pop up automatically, but I am wondering if it’s a good idea to store everything in one place. May eventually move over, but it is quite convenient to have the codes on Android Wear for now :)

  • Confetti@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    Aegis and keepassxc/dx for me. I just manually backup everytime I make a change which isnt often

    • FarLine99@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Keepass for passwords AND 2FA codes. It is really awesome to have them in one place.

      • Roxxor@feddit.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Kind oft defeats the purpose a bit having the second factor in the same place as the first. But I’m doing the same.

        • FarLine99@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Why? If service you using will be compromised password will be known. But 2FA isn’t, so it is useful.

                • FarLine99@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  We are talking about MOST time, not never. So it is valid argument. It can happen but I would not protect from this, too small chance. But 2FA thing is always useful, so Keepass 2FA is way better solution than do not have it at all 🙂

  • MusketeerX@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    Using Authy. Pretty happy with it. It’s key feature for me has been the ability to easily restore if you lose, reset or upgrade your device, without having to mess around with your own backup and syncing.

    Would suck to reset your phone and discover the sync had failed and the backup was not up to date.

    I would like to have it on Wear OS though…

    • dantheclamman@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      Authy is alright but I found myself increasingly uneasy. No major updates for a very long time and being owned by a giant security corporation, combined with the inability to export my codes, left me feeling like it was enshittification waiting to happen. I wanted dark mode and more control over the icons and organization too

      • MusketeerX@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Yeah. If it gets enshittified or sold to a dodgy company, I’d not hesitate to migrate.

        Might bookmark this thread for if (when?) that time comes.

      • rDrDr@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Authy does have dark mode as a toggle in the settings, btw. Not sure when that was added.

  • stown@sedd.it
    cake
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    1 year ago

    If you are already using BitWarden as your password manager you should know that it also supports 2FA. Before I figured that out I was using Google authenticator because it saves to the cloud and I was paranoid about losing my 2FA.

    • MartianFox@feddit.de
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      But is it really still a second factor when it is stored in the same app that stores the first factor of authentication?

      • stown@sedd.it
        cake
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Well that just raises questions about password managers in general. Why protect all your unique passwords with one that you likely never change?

        • zipsglacier@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Is this a rhetorical question? One very very strong password that is never passed to a third party, managing a separate passwords that do have to be sent over the internet, is definitely a better strategy. It makes 2FA redundant for the majority of standard threat models, and that’s why bitwarden includes support for those timings too.

    • dantheclamman@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      Yeah, might eventually switch over but for now, keeping them separate. It does seem very convenient!

  • Cakeboss16@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    I think some people get to paranoid with 2fa with storing in password manager. Like if you have a high threat model keep it separate. But for most people just having a password manager with 2fa is streets ahead of 99 percent of people.

  • tommy@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    I’ve been using Microsoft authenticator for a long time but authenticator pro looks decent. Just tried to export stuff from Microsoft app and there is one interesting thing: i will have to do all of my accounts manually. Yep, no export. But i will do it, after that i eill have not a single app from Microsoft which means my privacy will be happier