this post was submitted on 01 Aug 2023
92 points (100.0% liked)

Privacy Guides

16784 readers
59 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.

You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...

Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!

This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.

Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS
jonah@lemmy.one
dngray@lemmy.one
freddy@lemmy.one
ninchuka@lemmy.one
jonah@lemmy.jonaharagon.net
92
What 2FA app are you switching to? (iOS) (lemmy.one)
submitted 1 year ago by Senjutsu@lemmy.one to c/privacyguides@lemmy.one
58 comments fedilink hide all child comments
 

As we all know, Ravio has been removed from the recommended multi-factor authentication apps for iOS on PrivacyGuides.

As I want to export all my TOTP codes out of Ravio ASAP, what apps are you migrating towards? I know a few were mentioned such as:

• Tofu • Ente • 2FAS • FreeOTP • Bitwarden TOTP + Yubikey

top 50 comments
sorted by: hot top controversial new old
[–] unbuckled@lemm.ee 14 points 1 year ago* (last edited 4 months ago) (4 children)

I switched to 2FAS.

You can’t export from FreeOTP. Ente doesn’t appear to be open source. Tofu is an option but I’m afraid it might not be maintained.

Edit: Use Ente. It’s the best option.

[–] whysofurious@beehaw.org 3 points 1 year ago

Ente Auth seems open source: https://github.com/ente-io/auth

But the need for account is trowing me off a little bit. I’ll give a try to 2FAS as well.

[–] sir_whocampsalot@lemmy.world 2 points 1 year ago

From ente Authenticator launch blog post, they do state it is open-source.

load more comments (2 replies)
[–] Supercharger@lemm.ee 13 points 1 year ago* (last edited 1 year ago)

Why are people switching away from Raivo?

/c/outoftheloop

Edit: Looks like it's been bought by a generic app developer about which there are few details to be found: https://discuss.techlore.tech/t/raivo-otp-authenticator-has-been-acquired/4962/2

[–] 10EXP@sh.itjust.works 12 points 1 year ago (1 children)

I was in the middle of switching 2FA over to Raivo from Apple Keychain and you drop this aaaaa-

load more comments (1 replies)
[–] Thief@lemmy.myserv.one 12 points 1 year ago (3 children)

The password manager for iphone or ios has mfa built in - seems to work ok. Its a bit annoying if you use a desktop thats not mac though and have to search for the mfa code among the millions of passwords.

load more comments (2 replies)
[–] NightAuthor@beehaw.org 11 points 1 year ago (1 children)

I just use Authy

[–] pineapplelover@lemm.ee 5 points 1 year ago (2 children)

I used to use them a while back but now I use Aegis. I prefer my 2fa offline and disconnected from the internet. I still keep my backups saved in safe spaces though. It served me well to get off of Authy too because last year, they got compromised.

https://techcrunch.com/2022/08/26/twilio-breach-authy/

[–] HughJanus@lemmy.ml 2 points 1 year ago (1 children)

I prefer my 2fa offline and disconnected from the internet.

That's great until you lose your phone or something...

[–] b9chomps@beehaw.org 3 points 1 year ago (1 children)

Well, that's what backups are for. I sync my Aegis backups between phone, tablet and PC via syncthing. It's convenient to have authy handle bwckups for me, but if I use 2fa I don't want to water down its usefulness right away.

load more comments (1 replies)
[–] DeflectedBullhorn@lemmy.one 10 points 1 year ago* (last edited 1 year ago)

Edit: After digging into 2FAS, I think it is now my top choice. Seems like more of a drop in replacement for Raivo. https://2fas.com/

My second choice is (as of this edit) Owky. I’ve not seen anyone talking about it, but it’s FOSS and has the ability to export your TOTP codes.

Im a little worried about it not being maintained though, since it’s a single developer.

https://apps.apple.com/us/app/owky-two-factor-authenticator/id1602245257

Other options I’ve considered:

Tofu Authenticator. Unfortunately it’s basic though and lacks the ability to export.

ente Authenticator. Account required, and I’m a little undecided on the company. Might be a serious option though.

[–] caglel@lemmy.world 9 points 1 year ago* (last edited 1 year ago) (1 children)

I use Authy. It has Apple Watch app for quick access.

[–] bluesydney@lemmy.world 3 points 1 year ago

I have been using Authy as well. Works great in an apple ecosystem too.

Allows a quick copy from your phone to paste into computer browser when prompted for super easy usage.

[–] Gutless2615@ttrpg.network 6 points 1 year ago

Fan of OTP Auth

[–] kennocha@lemmy.world 6 points 1 year ago (1 children)

I’m a fan of 1Password. Makes it easy to keep all my secrets in one place, behind a yubikey.

[–] navi@lemmy.tespia.org 2 points 1 year ago

1Pass auto fill of 2FA is so OP on desktop.

I love the family sharing features as well.

[–] googlesnarfen@lemmy.world 6 points 1 year ago (3 children)

I‘m using Google Authenticator, but so far nobody else here seems to, am I doing it wrong??

[–] BrikoX@lemmy.zip 3 points 1 year ago

They make it hard to export your seeds if you want to move to the other platform or new device + closed source.

On Android Aegis is the great alternative. On iOS Raivo OTP used to be the main recommendation, but they just got bought by relatively unknown company, which is sketcy in on itself.

load more comments (1 replies)
[–] TonyTonyChopper@mander.xyz 5 points 1 year ago (2 children)

So I'm not on iOS but... the websites I need to use for various work things all require that you use a specific authenticator. But they all choose a different random one. It drives me insane. I have 4 different apps. Google Authenticator, Authy, Duo Mobile, and Onelogin Protect. I pray I change jobs before I get a new phone.

load more comments (2 replies)
[–] kuroshido@ani.social 5 points 1 year ago

I’m a fan of OTP Auth.

It’s been reliable, supports local and cloud backup / exporting, is simplistic in use and has a strong privacy policy.

[–] gogosempai@programming.dev 4 points 1 year ago* (last edited 1 year ago)

I have been using ProtonMail and Drive already so it was an easy decision to switch to Proton Pass when it came out. It's an all-in-one password manager which let's you store 2FA as well and also let's you make email aliases. It's synced everywhere, on Firefox on my linux desktop to my android phone to my iPad.

[–] matricaria@feddit.de 3 points 1 year ago

Apple Keychain OTP

[–] mojo@lemm.ee 3 points 1 year ago (1 children)

I use Bitwarden for everything, including my totp codes. I should probably use a separate app solely for Bitwarden's totp code, but the danger of losing it all gives me such a rush!

load more comments (1 replies)
[–] om1k@sopuli.xyz 3 points 1 year ago

I use keepassxc topt

[–] SkaveRat@discuss.tchncs.de 3 points 1 year ago (1 children)

Totp with bitwarden. Such a nice integration

[–] b9chomps@beehaw.org 1 points 1 year ago* (last edited 1 year ago) (1 children)

I'm curious. I know Bitwarden or keepass can handle TOTPs, but can't I unlock your Bitwarden vault and have access to your password and 2fa code? Or do they have protection against it? Otherwise I have everything I need.

load more comments (1 replies)
[–] kryllic@programming.dev 3 points 1 year ago (2 children)

I'm currently enjoying ProtonPass' built-in 2FA. You gotta be on a paid plan, however, but it's worth it imo.

load more comments (2 replies)
[–] relevantnanana@lemmy.world 3 points 1 year ago (1 children)

What happened to Raivo?

[–] kostel_thecreed@lemmy.ca 3 points 1 year ago

They got bought out by Mobime.

[–] willya@lemmyf.uk 2 points 1 year ago

None, just using the built in manager.

[–] Cotillion189@lemmy.world 2 points 1 year ago

I switched to 2FAS but im also looking into Proton Pass since im subscriber (password manager + 2FA) but i dont want to put all my eggs in one basket. Atm im using proton pass for unimportant stuff.

[–] IphtashuFitz@lemmy.world 2 points 1 year ago

I’ve been using 1Password for years and love it. It’s multi-device support was one of the reasons I started using it, and now have a family subscription to share some things with my wife.

I rely on TOTP a lot for my IT job. With 1Password it’s easy to display them on my Apple Watch so I don’t need to keep opening the app on my phone or laptop.

[–] poring@lemm.ee 1 points 1 year ago

I'll be using BitWarden as my 2FA app. I use KeePass as my password manager so it would still be two different services/apps.

I was planning on using Tofu but it has no FaceID which is mandatory IMO.

[–] pineapplelover@lemm.ee 1 points 1 year ago (1 children)

I recommend Raivo or Tofu both open source and I believe you can save and export it somewhere else to backup.

[–] CarlCook@feddit.de 1 points 1 year ago

OTP Auth

[–] sir_whocampsalot@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

My recommendation is to stay away from the auth services that are account based such as ente or bitwarden UNLESS you have a 2nd method of authentication such as a yubikey. Why? Because you obviously can't store, for example, your bitwarden 2FA code in your bitwarden vault. Same with ente. That's why on android I use Authenticator Pro, as it isn't account based and has great backup options, such as backing up to cloud and file encryption. Not sure what an equivalent would be on iOS but I'd definitely want to find out! Bonus points if it's available on both iOS and Android.

[–] hellfire103@sopuli.xyz 1 points 1 year ago* (last edited 1 year ago)

I like Tofu, and I also quite like Authenticator, but so far 2FAS seems to be the only option that offers backups without an account and that isn't a full-blown password manager.

[–] Max17@lemmy.world 1 points 1 year ago

I’m using the microsoft Authenticator, is it bad?

[–] ultratiem@lemmy.ca 1 points 1 year ago

The built in password manager and keychain can handle OTP since a few versions back.

load more comments
view more: next ›