Privacy

31252 readers

601 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

How to backup 2FA (lemm.ee)

submitted 10 months ago by rambos@lemm.ee to c/privacy@lemmy.ml

44 comments fedilink hide all child comments

So basically what title says.

Im using 2FA with google authenticator for multiple accounts. What if my phone gets stolen? Can I have some kind of backup? Or maybe sync with some self hosted service?

Bonus question: what 2FA should I use instead of google?

you are viewing a single comment's thread
view the rest of the comments

[–] Dave@lemmy.nz 11 points 10 months ago* (last edited 10 months ago) (3 children)

Aegis is a free open source TOTP 2FA app like Google Authenticator, and available on both F-Droid and Google Play. You should be able to export from Google Authenticator and import into Aegis.

Edit: I had assumed because Aegis had an option to import from Google Authenticator that this would mean you could export in bulk. Bad assumption to make, it sounds like you can do it if you have a rooted phone but Authenticator doesn’t make it easy. I did find this that shows a method to do a handful at once: https://blog.jay2k1.com/2021/11/17/how-to-bulk-migrate-from-google-authenticator-to-aegis/

[–] rambos@lemm.ee 5 points 10 months ago

Most comments recommend aegis, Im installing it right now. Thx

[–] illi@lemm.ee 3 points 10 months ago (2 children)

You should be able to export from Google Authenticator and import into Aegis.

If there is a way, I was unable to find it

[–] Dave@lemmy.nz 3 points 10 months ago

I had assumed because Aegis had an option to import from Google Authenticator that this would mean you could export in bulk. Bad assumption to make, it sounds like you can do it if you have a rooted phone but Authenticator doesn't make it easy. I did find this that shows a method to do a handful at once: https://blog.jay2k1.com/2021/11/17/how-to-bulk-migrate-from-google-authenticator-to-aegis/

[–] rambos@lemm.ee 3 points 10 months ago (1 children)

Yes, I just did it. Go to google auth - transfer accounts - you get QR code, screenshot it - and import in Aegis

[–] illi@lemm.ee 1 points 10 months ago

Huh. I was not able to make it work, perhaps I just overlooked something.

[–] 01189998819991197253@infosec.pub 2 points 10 months ago (1 children)

What's the benefit of Aegis over FreeOTP+?

[–] Dave@lemmy.nz 4 points 9 months ago* (last edited 9 months ago) (1 children)

For one, Aegis is more well known. Aegis has 6k+ stars where FreeOTP+ has about 500. This doesn't mean it's better, just that people are more likely to recommend it.

Aegis also has more features, and can import from many different authenticator apps (though as many don't allow exports, this may require technical knowledge to get the database and feed it in). If you have root then Aegis can pull directly from the other apps.

Aegis claims they are better than FreeOTP because the encrypt passwords at rest.

One big difference is FreeOTP+ lets you not have to enter a pin/password to see the codes while Aegis you need to enter a pin, password, or biometric to see your codes.

[–] 01189998819991197253@infosec.pub 2 points 9 months ago

Popularity aside, you sold me on the import compatibility. FreeOTP+ can export to other FreeOTP+ installations, but I've had issues with exporting to other apps. I had to manually import using the secrets displayed within FreeOTP+. The encryption sold me. I will be migrating to Aegis. I haven't heard of it until this post, and have been using FreeOTP+ sans encryption.