OH DEAR. THIS POST WAS SET TO SELF-DETONATE 💣 💥 🔥

Ą̷͇̀l̵̩̓̕l̸̩͘ ̸̭̪̈́ť̷̝̍̆h̶̡̛̰̯̏͌a̷͕̞͋̂t̵̩͙͑̈́͝'̵̛̍́ͅͅş̴̬̱͝ ̷̗̊͠l̵͚̕͠ē̸̻͓̐͝f̷̧͙̀̑͝t̶͓̓͊̚ ̶̜̱̓͌́a̴͉͊r̶̡̩͛̀é̵̦̞͕ ̶̮̾ṫ̷̡͈̍ḧ̸̛͍́̊e̴̫̅ş̶̥̰̓e̴̟̪͌͂̇ ̷̞̅͊̚h̷̰͕͈͂e̶̡̹̜̚ŗ̸̗͈̾̇e̴̩̍͐ ̷̪͉̩̀a̵̡̱̐͑͝s̴͎͖̈́h̸͈͌́͜e̴͕̝̐̌ś̶͓̆ͅ.̵̩̉ ̵̱͊͑̀

@0x56
I would avoid Google Authenticator and Authy. GA does not have backups. Authy was bought by Twilio a while back and development stagnated. Both apps are closed-source.

I migrated from Authy to Aegis and it's much better, besides being open-source.

The biggest reason to not use Authy anymore may be that they were compromised in the same breach that recently hit LastPass:
androidpolice.com/authy-hacked

@Smersh
I posted about it here several months ago, but I don't think a lot of people saw it.

@0x56

OH DEAR. THIS POST WAS SET TO SELF-DETONATE 💣 💥 🔥

Ą̷͇̀l̵̩̓̕l̸̩͘ ̸̭̪̈́ť̷̝̍̆h̶̡̛̰̯̏͌a̷͕̞͋̂t̵̩͙͑̈́͝'̵̛̍́ͅͅş̴̬̱͝ ̷̗̊͠l̵͚̕͠ē̸̻͓̐͝f̷̧͙̀̑͝t̶͓̓͊̚ ̶̜̱̓͌́a̴͉͊r̶̡̩͛̀é̵̦̞͕ ̶̮̾ṫ̷̡͈̍ḧ̸̛͍́̊e̴̫̅ş̶̥̰̓e̴̟̪͌͂̇ ̷̞̅͊̚h̷̰͕͈͂e̶̡̹̜̚ŗ̸̗͈̾̇e̴̩̍͐ ̷̪͉̩̀a̵̡̱̐͑͝s̴͎͖̈́h̸͈͌́͜e̴͕̝̐̌ś̶͓̆ͅ.̵̩̉ ̵̱͊͑̀

@JGNWYRK
... Which is why I posted a site with iOS alternatives. RavioOTP is good.

@0x56 @Smersh

@voltronic @JGNWYRK @0x56 @Smersh
From what I'm reading, Ravio stores only one-time-passwords, whereas managers like 1Password et. al. store passwords, secure notes, CC info, etc.
It seems every popular password manager has had a bad year. 1Password became an Electron app, which many users opposed and Last Pass was breached. Bit Warden just needs to add a few features that the major players have and it could surge ahead next year.

@Jeber
Ravio, Ageis, etc. are OTP apps, and are not password managers. The two can work together to make you more secure than either by itself.

@JGNWYRK @0x56 @Smersh

@voltronic @JGNWYRK @0x56 @Smersh
I know Last Pass and BitWarden have tried incorporating OTP into their apps. I don’t know who else might be. I try to use the same brand for passwords and OTPs, I just expect them to work together better. Last Pass’ OTP is a separate app, an approach I like.

@Jeber @voltronic @JGNWYRK @0x56 @Smersh

careful...

having your password (a thing you know) and your one time code (a thing you have) stored in a single password safe turns your two factor authentication into single factor authentication...assuming the safe is unlocked solely by passphrase (a thing you know)

you could argue that both stealing the safe and cracking the passphrase is hard...but it's still a bad idea (IMHO)

Follow

@opie
Agreed. Putting all your eggs in one basket is rarely a good idea.

@Jeber @JGNWYRK @0x56 @Smersh

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.