If proprietary app is better and more robust I am willing to try it and assess it myself.

  • badelf
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    True true. But the auth apps I’ve seen don’t appear to be secure. So if you lose your phone…

    And I don’t like hw key because I’m afraid I’ll lose it.

    • styx@beehaw.org
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I have a two layer system in place:

      1. I use Aegis, I have automatic encrypted backups, and syncthing to synchronize the backups to my private server. If I need to reconfigure Aegis, I just import the backup.

      2. I have 2FA backup codes as encrypted text files, which are also synced to my server with syncthing. I have the encryption/decryption software installed on my phone and windows, so I can use a backup code if I don’t have access to Aegis.

      One issue was I had to write my own apps for windows and android for encrypting/decrypting the text files 😃. You can check them on GitHub: https://github.com/mcanyucel/TextCrypt-Windows https://github.com/mcanyucel/textcrypt-android

      They use SHA256 with random IV and random salt. No warranties, though 😅

      • badelf
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Damn! I hope I don’t have to be quite that careful. I travel a lot so I really only worry about the USA border guards. 😒