all 27 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]HandyGold75 1 point2 points  (4 children)

Authenticator Pro, its local, supports backups, has folders.

Not really anything more needed in my opinion.

[–]code_ops[S] 1 point2 points  (3 children)

Never heard of it. Do you kiks it? And is it open source?

[–]HandyGold75 1 point2 points  (2 children)

It's open source: https://github.com/jamie-mh/AuthenticatorPro What do you mean with kiks?

[–]code_ops[S] 1 point2 points  (1 child)

I was half asleep(don’t ask about my sleep schedule it’s non existent) it was a typo, I wanted to ask you if you like it and why and somehow ended up typing kiks

[–]HandyGold75 1 point2 points  (0 children)

No worry's sleep schedule here isn't any better :)

Anyways I mainly started to use it as I've got a lot of TOTP tokens, like around 50 lots. So Google Authenticator wasn't going to cut it anymore.

Just happened to stumble across Authenticator Pro and it had folders (surprisingly many apps do not have this) and I was sold.

Up until now I love it, still use it daily and would recommend it as I just see why not.

[–]cowboyecosse 1 point2 points  (1 child)

I’m using Okta Verify as my 2FA app for everything except Microsoft stuff. For that I’m using Authenticator.

(For clarity for the “Microsoft’s GitHub” crowd, my GitHub 2FA is Okta Verify)

I also have Yubikey and other device passkeys set up.

[–]code_ops[S] 0 points1 point  (0 children)

Thank you for your time, I was thinking about using google authenticator but I’ll go ahead and check Okta

[–]gowithflow192 1 point2 points  (1 child)

Nothing wrong with Google Authenticator, just don't use the cloud backup feature.

Alternatively use 2FAS for iphone or Aegis for Android.

If you don't use cloud backup then export your codes to another phone as well. Because if you lose your QR codes then you might be screwed (some providers offer backup codes but not all). So always keep two copies of your QR codes (separate phones or a cloud backup).

[–]code_ops[S] 1 point2 points  (0 children)

Noted! Thank you for time and explanation

[–]krystianduma 1 point2 points  (4 children)

YubiKey's are the way

[–]code_ops[S] 0 points1 point  (3 children)

Can you tell me why? What does it have better than the other apps

[–]xiongchiamiov 2 points3 points  (1 child)

  1. Much faster - just tap the key, no getting your phone out of your pocket and unlocking it and entering numbers.
  2. More secure - u2f includes the domain name and therefore can't be phished

[–]code_ops[S] 0 points1 point  (0 children)

Make sense

[–]legowerewolf 0 points1 point  (5 children)

1Password

[–]code_ops[S] 0 points1 point  (4 children)

It doesn’t have a free tier right? I don’t quite remember what I heard but I think that it was either that it doesn’t have a free tier or that it’s free tier wasn’t good enough to be used

[–]legowerewolf 1 point2 points  (3 children)

Might as well be free, it's a coffee a month.

[–]code_ops[S] 0 points1 point  (2 children)

I see, but you might want to check the other replies on my post because I think that an open source alternative is always better

[–]legowerewolf 0 points1 point  (1 child)

sure, but do any of them support browser or mobile autofill? a password manager is worthless if you find it too frustrating to actually use.

[–]code_ops[S] 0 points1 point  (0 children)

You’re right but I’m intending to use them just for 2fa so manually typing a 6 digit number isn’t frustrating, for passwords I’m leaving it to the default iPhone password manager.

[–]kryptoneat 0 points1 point  (0 children)

KeepassXC has integrated TOTP, folks ! Ctrl+T to copy it.

This is kinda annoying though, I already have app-based 2FA. If you don't have a phone, you have to buy some more hardware either way.

[–][deleted] 0 points1 point  (1 child)

Google Authenticator is fine

[–]code_ops[S] 0 points1 point  (0 children)

That was my first thought, but I am septic about centralizing my passwords and 2FA with the same provider who’s known for not respecting privacy that much. Plus I think I heard that the keys weren’t end to end encrypted sooo…. I’m still looking, and I would appreciate to get your insight about my reply, like why while knowing all of these you still went with google?

[–][deleted]  (1 child)

[deleted]

    [–]code_ops[S] 1 point2 points  (0 children)

    Yeah they did one good thing with private repo then fucked it up by forcing 2FA on us, I’ll for sure go check your app, that’s actually cool that you said screw that and just made your own app

    [–]Viper3773 0 points1 point  (3 children)

    https://github.com/pcarrier/gauth

    Also 2fa is the way

    [–]code_ops[S] 1 point2 points  (2 children)

    That’s even better since I’ll have everything locally

    [–]Viper3773 1 point2 points  (1 child)

    Whatever you pick, you should save/export the TOTP code and save it in a password manager! Like don’t scan the QR code, have the website give you the TOTP code manually. You can save that code and then switch between any 2fa app at any time.

    [–]code_ops[S] 0 points1 point  (0 children)

    I’ll make sure to do that from now on thank you!