Aegis vs Authy
Hey y'all!
I've been using Authy for some time now (switched from Google Authenticator) but an increasing amount of people is suggesting Aegis over Authy in some posts here at Lemmy and that got me curious.
Was wondering what would be the main selling points for one to use Aegis instead of Authy, can somebody help out?
Thanks in advance!
You are viewing a single comment
I moved my TOTP's from Authy to Bitwarden, where you can have access to your seeds and export if you want. But I believe this requires paying the $10 per year for Bitwarden premium (which I already had).
I hope you're not also using Bitwarden as your password manager. Having your authenticator and your password manager accessible in the same place, with the same account, completely defeats the point of 2FA.
I am using it as my password manager, and I understand it puts all my eggs in the Bitwarden basket. But I don't think it defeats the purpose of 2FA. For example, someone getting my Google password doesn't mean they have my TOTP needed to get into my Google account, or any other account with 2FA.
If you are able to open your password vault from the device you use as a second factor (which you probably do) the whole point is defeated anyways. Multiple apps on the same device won't save you.
But I have Bitwarden setup to need 2fa.
It's passwords all the way down!
It's only as weak as the weakest link. If you're using a strong and unique password as well as a strong 2FA (FIDO2) to access your Bitwarden account then it's an acceptable trade-off.
Vaultwarden is the unofficial open source backend that's compatible with bitwarden clients.
But $10 a year is nothing, and it removes a lot of worries
It also supports Bitwarden, so it's a good deal.