I hope you all freed your 2fa secrets from this un-service.
However, those who synced their desktop apps with the mobile versions have discovered that some of their tokens did not correctly synchronize, making their associate accounts inaccessible.
Lol
Fuck that man.
Yeah, laughing at the customers (who were making a good decision to make sure they had 2FA enabled) is kind of a dick move.
But from the perspective of the company fucking up that bad it’s funny.
I use their phone app. I sure have a weekend chore to get the fuck off that app.
Yeah, I told everyone at my company about it 2 months ago. I moved everything to bit warden.
I’ve been moving over to Okta’s app. Wondering if I should pick something else though. All of my credentials are in 1Password, but I don’t want my 2FA in the same place.
deleted by creator
I switched to Aegis
I switched to Aegis when google authenticator didn’t allow exports. It’s simple and it works.
Wait, google auth doesnt allow exports? For me it dies…? Am I missing something…?
Keepass. Standalone apps for desktop/phone. Passwords are in small encrypted db file you can copy/paste anywhere you need it.
Use something like syncthing/nextcloud/onedrive to keep the file in sync across devices.
I use KeePassXC and a Yubikey 5. You can store a certain number of 2fa on the key but i also back up the secret key and recovery codes on KeePassXC which is backed up on my Nextcloud. When using the Yubikey there is an app on desktop and mobile that reads they key but doesn’t store the codes. Open the app, plug in the key, the TOTP appears, take the key out and the TOTP is gone.
Duo, Aegis, Bitwarden, Proton.
Along with others already mentioned, 1Password can support 2fa.
1Password has impressed me. I’ve used KeePassXC, LastPass, Bitwarden (but not extensively and one of the early versions), and even CyberArk (🤮).
1Password is closed source but it’s one of those pieces of software that just works the way you expect it to. Hard to confirm a lot of their security claims. Just rolling with “Have not heard a lot about 1Password breaches” mentality.
We got lucky at work and used it to replace an unmanageable long list of KeePass database files that were sprawling everywhere. With that everyone who uses 1Password at work gets an associate private family account. Made managing my kids passwords and share some of our common family passwords way easier and I still get to lock them out of my passwords I don’t want them using.
I believe modern Bitwarden for enterprise has a similar licensing sweetener with a private family account for each corporate account.
andOTP + bitwarden for me
I switched to Ente Auth some time ago when bad news about authy started getting out
A lot of password managers support 2fa now. I use Enpass because I got a lifetime license a long time ago (it’s also available to people with Google Play pass), but I know some other popular options have it too.
The whole point of 2FA is to keep the second factor separate from the first. If you store both in the same password manager app that defeats the entire point of 2FA.
It still protects you from your passwords being compromised in any way except through a compromise of the password manager itself. Yes, it’s worse than keeping them separate, but it’s also still much better than not having 2fa at all.
Bitwarden or Proton Pass.
Whoa
I used Authy a couple years ago, do I need to be worried?
This prompted me to move away from Authy, and looking it up, it doesn’t allow you to export your TOTP tokens. There were some workarounds but then have been plugged, I tried.
Mostly switched over to Bitwarden’s equivalent. I’ve been using their password manager for many many years now and am very happy with it. They have an export feature in a few different formats.
Welp, time to finally migrate one at a time to Proton.
That would be repeating the same mistake. You don’t change one company for the other, you choose an app that is not dependent on an account, like KeepassXC.
