So basically what title says.
Im using 2FA with google authenticator for multiple accounts. What if my phone gets stolen? Can I have some kind of backup? Or maybe sync with some self hosted service?
Bonus question: what 2FA should I use instead of google?
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 2.44K Posts
- 57.3K Comments
- Modlog
I prefer an authentication code, which I can save on a pendrive or, if not, a second email. I never use 2FA with a phone number, precisely because a phone is never secure and is also a privacy hole. It’s enough that they know my email, it’s not necessary that they also know my phone number.
Who knows my phone number if I use Aegis?
I use 1pass at work and vailtwarden personally. Both are perfect solutions.
Im using bitwarden free for passwords only. I might try vaultwarden
Authenticator Pro is awesome, FOSS, and allows you to backup your 2FA.
Aegis or Ente Auth for Android. Backup your databases in your cloud of choice. Do not use Google Authenticator.
Keepass + Syncthing
KeepassDX is a good android client, and it supports TOTP.
Use Aegis lol.
This, I’ve just installed it this week and I think it’s better than Google (though I’m suspicious of the “free” service.
Its not a service its an app. And yes nothing is free so please donate to the Devs
I use Authy and am logged in on multiple devices so if I lose my phone I can still access the 2FA on my laptop. Then log back into the new phone using the laptop.
I use Aegis like several others here and then backup my codes to a Cryptomator vault which I can then sync online for cloud backup
Just transfer them to another device? Or save the big QR code it generates as an image.
Thank you all for tips. I got Aegis and backing it up to my selfhosted nextcloud. I will also keep google app in use for now, but I might get keypassxc or vaultwarden in the future
Cheers
As a user of Nextcloud, Aegis, and Vaultwarden, I can say it’s a great set of tools. I don’t know how I ever got by without Bitwarden/Vaultwarden.
I use Authenticator Pro. It allows backups for itself or for exporting to other apps.
+1 To AuthPro, the guy behind the app is really cool
Just take a screenshot of the QR code and save the image somewhere
I dont know why you got downvote. Seems like perfect backup if stored somewhere safe. Am I missing something?
When enrolling with the 2FA take a screenshot of the QR code, print it and add it to wherever you keep your secure documents. The QR code is your private key, just scan it again to add a new device if you lose your original.
Obviously you need to keep the code secure!
FWIW if you use Aegis, that app will show you the QR codes after the fact.
All you need is the TOTP secret, and it will generate OTPs. If you enter the secret in another TOTP app, you’ll also get OTPs. Here’s a Ruby lib that will render OTPs from a secret, for example: https://github.com/mdp/rotp
For an Android TOTP tool, I like FreeOTP+. You can even use it for Steam OTPs.
You could use a python script with oathtool copied onto each of your devices. This is not a good suggestion.