With bitwarden changing to at least email auth required, I’m one of those that stores my email creds there. I don’t want to risk losing my email so it seems I need to use an Authenticator. For work, I have microsoft auth but that makes me want to die a little.
EDIT: I appreciate you all, thank you.
Aegis is nice
Can confirm. It does everything you’d want it to do.
I switched from Google Authenticator to Aegis and have had no problems.
One more upvote for aegis
thanks for this!
FOSS ftw!
Been with aegis through 4 devices and absolutely love it.
Aegis via Fdroid
The fact it’s in fdroid is great
I use Aegis for personal and work stuff. Works great, is open source and initiates no network connections anywhere.
Use Ente Auth.
Huge fan of Ente Auth as well. Completely open source and available on F-Droid. Offers encrypted backups with cloud options so you can easily restore between devices if needed.
I swear it used to state if they ever had to charge for it free accounts would be grandfathered in, but now it just says free. Guessing the photo service covers its cost.
Ente photos is also awesome. I’m a huge fan and subscriber.
I use FreeOTP. Open source tickles me.
Open version called vault warden lets you put 2FA in the app. That said, I’m not of the camp that wants to put their password and code generator in the same place so I still use Aegis for the tokens.
Aegis (fdroid)
I use proton pass but IDK if it’s good to warn against them now as they appear to support fascists
I’ve used andOTP for years and it’s served me well. and it’s FOSS
But since a few years ago, it’s no longer being maintained: https://xdaforums.com/t/unmaintained-app-4-4-open-source-andotp-open-source-two-factor-authentication-for-android.3636993/post-87021655
Thanks for this, I also have been using andOTP for years (and before that its earlier fork OTP Authenticator), didn’t realize its development went dormant too.
I did not realize that. Im trying out Aegis and it seems like a good replacement so far.
I’ve used Aegis myself since andOTP was abandoned and I’m still very happy with that solution.
I typically use Bitwarden for my 2fa keys and passkeys. For Bitwarden itself, I have a Yubikey and my phone registered as passkeys. I also used to use Duo for 2fa in the past, but I prefer Bitwarden.
I did not realize they had an authenticator… That would be convenient. I think I’ll do that.
I second Bitwarden. It’s open source and automatically copies the number to your clipboard. Migrating can be a pain in the ass but once you’re done, it’s great.
Nitrokey or yubikey if you have the key , or Aegis if only want to use an app
I think I need an education. What do you mean if I have the key? When I look at bitwarden settings, I do see a setting for “Log in with passkey” but it’s different than the Two-step login. EDIT: wait, I think I see, under the two-step login there are providers for Authenticator app, Passkey, yubico key, or duo. I think I get it now.
yubikey and nitrokey are physical keys
Doesn’t turn 2fa into 1fa?
I like to know that even if someone got into my bitwarden vault they would still not be able login to my most important stuff.
This is a different app from bitwarden PW manager.
I don’t want my password manager to also have the ability to generator 2fa codes, gotta keep em separated.
It’s a different app, made by the same company.
This is a different app from bitwarden PW manager.
whatever you choose, keep the 2FA recovery codes to at least bitwarden on paper, in a safe place
Aegis.
I used tobuse authy. Mainly for the desktop to phone sync feature. The desktop got removed unfortunatly. So i am looking as well
