With bitwarden changing to at least email auth required, I’m one of those that stores my email creds there. I don’t want to risk losing my email so it seems I need to use an Authenticator. For work, I have microsoft auth but that makes me want to die a little.
EDIT: I appreciate you all, thank you.
I use Aegis for personal and work stuff. Works great, is open source and initiates no network connections anywhere.
Aegis (fdroid)
Aegis is nice
Been with aegis through 4 devices and absolutely love it.
One more upvote for aegis
Can confirm. It does everything you’d want it to do.
I switched from Google Authenticator to Aegis and have had no problems.
FOSS ftw!
thanks for this!
I use 1password. It’s fine. I haven’t tried much other stuff, but it works well, but I don’t think there is a free option so it might not be a good pick. There is also Google Authenticator which works fine and is free.
I used tobuse authy. Mainly for the desktop to phone sync feature. The desktop got removed unfortunatly. So i am looking as well
I use FreeOTP. Open source tickles me.
Use Ente Auth.
I’ve used andOTP for years and it’s served me well. and it’s FOSS
But since a few years ago, it’s no longer being maintained: https://xdaforums.com/t/unmaintained-app-4-4-open-source-andotp-open-source-two-factor-authentication-for-android.3636993/post-87021655
Thanks for this, I also have been using andOTP for years (and before that its earlier fork OTP Authenticator), didn’t realize its development went dormant too.
Open version called vault warden lets you put 2FA in the app. That said, I’m not of the camp that wants to put their password and code generator in the same place so I still use Aegis for the tokens.
I typically use Bitwarden for my 2fa keys and passkeys. For Bitwarden itself, I have a Yubikey and my phone registered as passkeys. I also used to use Duo for 2fa in the past, but I prefer Bitwarden.
I did not realize they had an authenticator… That would be convenient. I think I’ll do that.
I second Bitwarden. It’s open source and automatically copies the number to your clipboard. Migrating can be a pain in the ass but once you’re done, it’s great.
Nitrokey or yubikey if you have the key , or Aegis if only want to use an app
I think I need an education. What do you mean if I have the key? When I look at bitwarden settings, I do see a setting for “Log in with passkey” but it’s different than the Two-step login. EDIT: wait, I think I see, under the two-step login there are providers for Authenticator app, Passkey, yubico key, or duo. I think I get it now.
yubikey and nitrokey are physical keys
My email is what I consider to be an important password so its in my offline password manager.
At the risk of sounding snarky, why is this a deal breaker? I can recover both bitwarden and my email if I was ever in a situation where I forgot one or both passwords. It also only occurs in a situation where you are signing into devices that you’ve never logged in to or purposely logged out of. I do use 2FA, but even if I did not it sounds like a lot of complaining about a situation that you should already be prepared for. Bitwarden could easily go down or your password vault could be corrupted or (at worse case) your vault compromised and passwords stolen. Make plans for such situations and you’ll realize this is mostly a knee-jerk reaction to a non-issue.
