What types of services are you not willing to self-host?

Tinnitus@lemmy.world to Selfhosted@lemmy.world – 158 points –

For example, something that is too complex for your comfort level, a security concern, or maybe your hardware can’t keep up with the service’s needs?

Aegis. Never use a local-only 2FA app on your phone.

What's the problem with it being local-only? Just back up the secrets, and you're good? Or is backing it up the "online" element?

Like a password manager, I can't trust myself for the seeds to get misplaced.

First, that's what recovery codes are.

Second, that's what backups are for.

Frankly, given what we've seen with LastPass this past year alone, there is absolutely no one I would trust to host any of my credentials.

My TOTP seeds go in a KeePass database that has a very long passphrase. That database is then sync'd across devices with Syncthing and included in encrypted backups.

Any recommendations for 2FA?

Authy. Having paid Bitwarden and 2FA in one app is a disaster waiting to happen in case of a security breach.

Can Authy really be trusted?

Out of all hosted options available that I last tested 2-3 years back, Authy is the only one that reliably syncs and backs up seeds across devices. I would switch in an instant if something like Bitwarden comes up but for 2FA only.