145

GitHub is slowly rolling in 2FA. Any good open source apps that will enable me to activate 2FA token on android?

posted
by
Avatar
Ludrol@szmer.info
in
Avatar
opensource@lemmy.ml
98 comments
hidereport

If proprietary app is better and more robust I am willing to try it and assess it myself.

Sort:
HotTopControversialNewOld
Avatar
EinfachUnersetzlich@lemm.ee
22 points

BitWarden.

permalink
report
reply
Avatar
peregus@lemmy.world
25 points

I don’t think that it’s safe to leave both authentication factors in a single app.

permalink
report
parent
reply
Avatar
library_napper@monyet.cc
1 point
*

This. It’s not two factor if both factors are stored together lol

permalink
report
parent
reply
Avatar
blkpws@lemmy.ml
1 point
*
Deleted by creator
permalink
report
parent
reply
Avatar
dana@lemmy.world
3 points
*

It depends on your risk profile, but yes, it’s less secure. For some people the convenience is worth the risk, for others maybe not. If you opt to store 2fa keys in Bitwarden you’d definitely want to enable 2fa for your Bitwarden account though, which brings us back to the same issue again.

permalink
report
parent
reply
Avatar
peregus@lemmy.world
3 points

If you opt to store 2fa keys in Bitwarden you’d definitely want to enable 2fa for your Bitwarden account though, which brings us back to the same issue again.

With the risk of getting locked out if all your devices get logged out of Bitwarden! 🙈

permalink
report
parent
reply
Show more comments
Avatar
larmicon@feddit.de
152 points

Aegis authenticator. Beats all proprietary apps I’ve tried so far

permalink
report
reply
Avatar
morrowind@lemmy.ml
6 points

One of those apps that just does its job, does it well and I never have to worry about it

permalink
report
parent
reply
Avatar
Cynber@lemmy.ca
17 points

Yep, it works perfectly

Bitwarden has it too, but eggs in one basket etc.

permalink
report
parent
reply
Avatar
ReversalHatchery@beehaw.org
5 points

Also, for bitwarden it’s either a paid feature or you have to self host it

permalink
report
parent
reply
Avatar
pacjo@lemmy.dbzer0.com
38 points

I’m leaving links here in case anyone needs them

It supports importing data from various 2FA apps and even allows you to generate Steamguard codes.

permalink
report
parent
reply
Avatar
miss_brainfart@lemmy.ml
3 points

Steamguard? Since when? That’s awesome!

permalink
report
parent
reply
Avatar
pacjo@lemmy.dbzer0.com
5 points

I honestly don’t know. I set it up with steamguard-cli few months ago and it’s working like a charm.

permalink
report
parent
reply
Show more comments
Avatar
ReversalHatchery@beehaw.org
3 points

It’s been there for quite a few years, I think

permalink
report
parent
reply
Show more comments
Avatar
BearPear@lemmy.world
3 points

This is the best option. Love the app. But always remember to keep a backup of your tokens.

There is also ente.io authenticator app. It is available on fdroid. I think it supoorts cloud synchronisation as well.

permalink
report
parent
reply
Avatar
darklamer@lemmy.dbzer0.com
4 points

Thank you!

I’d been a happy user of andOTP for many years, unaware until now that it had been abandoned and that I therefore needed ro replace it. I looked through the recommendations posted here and came to the conclusion that Aegis indeed was the best recommendation.

Migrating from andOTP to Aegis by exporting an encrypted backup file from andOTP to the local filesystem and importing it in Aegis worked flawlessly.

One thing that I really liked in andOTP that Aegis doesn’t have was the PGP export, it was just very nice to get encrypted backup files that I could decrypt directly using standard software that I already have and know how to use, entirely independent from any particular app. Aegis instead provides the decrypt.py script to decode and decrypt its own encrypted backup file format and while I’ve tested and verified that this works fine, simply using standard PGP was nicer.

But that’s a minor detail. All in all, Aegis seems to do everything I need, and does it well.

permalink
report
parent
reply
Avatar
starman@programming.dev
3 points

Mauth

permalink
report
reply
Avatar
ExtremeDullard@lemmy.sdf.org
3 points
*

I use Yubico Authenticator with my Yubikey (NFC and USB) and Vivokey Authenticator - which is a straight fork of the Yubico Authenticator - with my Vivokey Apex implant.

permalink
report
parent
reply
Avatar
Darorad@lemmy.world
25 points

Aegis is a great Foss totp app

permalink
report
reply
Avatar
tommy@sh.itjust.works
22 points

Authenticator Pro

permalink
report
reply
Avatar
calm.like.a.bomb@lemmy.dbzer0.com
8 points

Yes! I moved from aegis to it and it is much better imo.

permalink
report
parent
reply
Avatar
cwagner@lemmy.cwagner.me
5 points
*
Deleted by creator
permalink
report
parent
reply
Avatar
calm.like.a.bomb@lemmy.dbzer0.com
7 points

Better way to select groups. Nicer looks, more customization.

permalink
report
parent
reply
Show more comments
Avatar
rozPierog@lemdro.id
2 points

WearOS support!

permalink
report
parent
reply
Avatar
hASHfunction@lemmy.world
8 points

I’ve used it for years for numerous phones. it’s the best. Link for the lazy

https://apt.izzysoft.de/fdroid/index/apk/me.jmh.authenticatorpro

permalink
report
parent
reply
Avatar
SaltyIceteaMaker@lemmy.ml
3 points

I love that you can back it up with a file… thatway i can put it somewhere safe and can recover my logins after my phone breaks

permalink
report
parent
reply
Avatar
mindlight@lemm.ee
1 point

This! I don’t even have to pick up my phone… I just check the code on my smartwatch. Awesome!

permalink
report
parent
reply

Open Source

!opensource@lemmy.ml

Create post

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

  • Posts must be relevant to the open source ideology
  • No NSFW content
  • No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

Community stats

  • 3.8K

    Monthly active users

  • 1.8K

    Posts

  • 30K

    Comments

Community moderators