Hey, I need to move one day of Google Authenticator, and I was wondering if their was a project like Bitwarden for 2 Factor Authentication

Take care!

  • conscious_coma@lemmy.world
    link
    fedilink
    অসমীয়া
    arrow-up
    2
    ·
    edit-2
    2年前

    Bitwarden has TOTP included as a feature. Seems like lots of people don’t like using it though, and see storing the 2FA keys with the passwords as “putting all your eggs in one basket”.

    Aegis seems to be the open source 2FA app of choice for privacy-minded people right now.

      • tkchumly@lemmy.one
        link
        fedilink
        অসমীয়া
        arrow-up
        1
        ·
        2年前

        I use bitwarden for the bulk of my 2fas and aegis for the 2fa for bitwarden itself and a couple other sensitive/important sites that I want separated. Be sure to back up your 2fas somehow for bitwarden.

  • Schrottkatze@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    2年前

    Yes: Bitwarden.

    Idk about the central instance, but I use my bitwarden (specifically vaultwarden) instance for my TOTP keys. I can just autofill and then it copies the current TOTP key and i can paste it in to log into whatever i’m logging into!

  • novarime@sopuli.xyz
    link
    fedilink
    অসমীয়া
    arrow-up
    1
    ·
    2年前

    Bitwarden provides a facility for MFA. Though there’s an argument to be made against eggs + baskets. It might defeat threw purpose a bit.

    I use Aegis which is opensource and easily encrypted and backed up locally. Saved my ass where I accidentally deleted my 2FA for Bitwarden, thus locking me out in circle of shite. Aegis allowed me to roll back and pull in that one missing key without having to redo a load i’d made since the last backup and all was good.

  • provisional@lemmy.sdf.org
    link
    fedilink
    অসমীয়া
    arrow-up
    1
    ·
    2年前

    You can use Bitwarden Premium for 2FA keys. It’s pretty cheap and well worth it to support development ($10/yr).

    If you’re on Android and don’t want to pay for Bitwarden Premium, I’d use something like Aegis Authenticator.

    • paperclipgroove@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      2年前

      I personally think it’s best to keep 2FA keys out of password managers.

      The whole point of 2FA is to have a seconds factor to authenticate you.

      If someone gets access to your password vault with your 2FA keys, they have access to all of your accounts - 2FA protected it not. If you keep the keys in another app, they cannot access your accounts nearly as easily.

    • trex@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      2年前

      I have been tempted to get yubikeys but it seems like a hassle to have two and keep them in “sync”.

      • joshuaacasey@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        2年前

        when I eventually get a yubikey, I’m just gonna get one. I always save the recovery codes when I setup 2fa so I’m not really too concerned.

        • kitonthenet@kbin.social
          link
          fedilink
          arrow-up
          0
          ·
          2年前

          This is the way tbh. Though honestly it’s not bad to have two, usually when a website has an MFA flow you can set up the second at the same time, I only have one 5C NFC and it works with my phone and laptops (and iPad)

          • joshuaacasey@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            2年前

            yeah when I eventually get around to getting one I’m definitely considereing the usb-c nfc one (since my phone has nfc and usb-c and both my desktop and chromebook have usb-c (my chromebook doesn’t have usb-a, which I’m honestly fine with)

  • Gleddified@lemmy.ca
    link
    fedilink
    অসমীয়া
    arrow-up
    0
    ·
    2年前

    I personally use yubioath for anything that doesn’t support yubikey. Sounds like that isn’t a solution for you (maybe a totally different, open source hardware key?).

    I’d recommend against putting your 2FA inside bitwarden. It’s not a very good second factor if both factors can be exposed by getting into your bitwarden.

    • Kyoyeou (Ki jəʊ juː)@lemmy.worldOP
      link
      fedilink
      অসমীয়া
      arrow-up
      1
      ·
      2年前

      It not that isn’t absolutely not a solution, but more that I want to split work and life, and I know I could have some remarks if my collegue see the app of the keys used on my not work phone and I could just avoid certain discussions

    • tkchumly@lemmy.one
      link
      fedilink
      অসমীয়া
      arrow-up
      1
      ·
      2年前

      KeepassXC is a really good option. I was using it for a while and it was great but bitwarden syncing is just so convenient.