OH DEAR. THIS POST WAS SET TO SELF-DETONATE 💣 💥 🔥
Ą̷͇̀l̵̩̓̕l̸̩͘ ̸̭̪̈́ť̷̝̍̆h̶̡̛̰̯̏͌a̷͕̞͋̂t̵̩͙͑̈́͝'̵̛̍́ͅͅş̴̬̱͝ ̷̗̊͠l̵͚̕͠ē̸̻͓̐͝f̷̧͙̀̑͝t̶͓̓͊̚ ̶̜̱̓͌́a̴͉͊r̶̡̩͛̀é̵̦̞͕ ̶̮̾ṫ̷̡͈̍ḧ̸̛͍́̊e̴̫̅ş̶̥̰̓e̴̟̪͌͂̇ ̷̞̅͊̚h̷̰͕͈͂e̶̡̹̜̚ŗ̸̗͈̾̇e̴̩̍͐ ̷̪͉̩̀a̵̡̱̐͑͝s̴͎͖̈́h̸͈͌́͜e̴͕̝̐̌ś̶͓̆ͅ.̵̩̉ ̵̱͊͑̀
@0x56
I would avoid Google Authenticator and Authy. GA does not have backups. Authy was bought by Twilio a while back and development stagnated. Both apps are closed-source.
I migrated from Authy to Aegis and it's much better, besides being open-source.
The biggest reason to not use Authy anymore may be that they were compromised in the same breach that recently hit LastPass:
https://www.androidpolice.com/authy-hacked-what-to-know/
Well fffffff on Authy, didn’t know that.
OH DEAR. THIS POST WAS SET TO SELF-DETONATE 💣 💥 🔥
Ą̷͇̀l̵̩̓̕l̸̩͘ ̸̭̪̈́ť̷̝̍̆h̶̡̛̰̯̏͌a̷͕̞͋̂t̵̩͙͑̈́͝'̵̛̍́ͅͅş̴̬̱͝ ̷̗̊͠l̵͚̕͠ē̸̻͓̐͝f̷̧͙̀̑͝t̶͓̓͊̚ ̶̜̱̓͌́a̴͉͊r̶̡̩͛̀é̵̦̞͕ ̶̮̾ṫ̷̡͈̍ḧ̸̛͍́̊e̴̫̅ş̶̥̰̓e̴̟̪͌͂̇ ̷̞̅͊̚h̷̰͕͈͂e̶̡̹̜̚ŗ̸̗͈̾̇e̴̩̍͐ ̷̪͉̩̀a̵̡̱̐͑͝s̴͎͖̈́h̸͈͌́͜e̴͕̝̐̌ś̶͓̆ͅ.̵̩̉ ̵̱͊͑̀
@0x56 @voltronic @Smersh missed it as well
And it’s android only 😔
@voltronic @JGNWYRK @0x56 @Smersh
From what I'm reading, Ravio stores only one-time-passwords, whereas managers like 1Password et. al. store passwords, secure notes, CC info, etc.
It seems every popular password manager has had a bad year. 1Password became an Electron app, which many users opposed and Last Pass was breached. Bit Warden just needs to add a few features that the major players have and it could surge ahead next year.
@Jeber @voltronic @JGNWYRK @0x56 @Smersh
careful...
having your password (a thing you know) and your one time code (a thing you have) stored in a single password safe turns your two factor authentication into single factor authentication...assuming the safe is unlocked solely by passphrase (a thing you know)
you could argue that both stealing the safe and cracking the passphrase is hard...but it's still a bad idea (IMHO)
@voltronic @JGNWYRK @0x56 @Smersh
I know Last Pass and BitWarden have tried incorporating OTP into their apps. I don’t know who else might be. I try to use the same brand for passwords and OTPs, I just expect them to work together better. Last Pass’ OTP is a separate app, an approach I like.