So basically what title says.

I’m using 2FA with Google Authenticator for multiple accounts. What if my phone gets stolen? Can I have some kind of backup? Or maybe sync with some self-hosted service?

Bonus question: what 2FA should I use instead of Google?

  • Zerush@lemmy.ml
    1 year ago

    I prefer an authentication code, which I can save on a pendrive or, if not, a second email. I never use 2FA with a phone number, precisely because a phone is never secure and is also a privacy hole. It’s enough that they know my email, it’s not necessary that they also know my phone number.

  • Cotillion@lemmy.world
    1 year ago

    Use Aegis on Android or 2FAS on iOS. And just back up your seed on an HDD/USB stick. Don’t upload it to the cloud.

    • SamsonSeinfelder@feddit.de
      1 year ago

      iOS has a 2FA feature included in the keychain (passwords) settings. No need for a third-party app. If you back up passwords via iCloud, you are already set.

    • shortly2139@lemmy.world
      1 year ago

      Just a heads up: there is no way to export from Authy. So if you ever want to switch apps for whatever reason, let’s say they were bought by big evil corp., then you would have to go and regenerate all your keys. Whereas a good app would let you export and import from anywhere.

  • rambos@lemm.eeOP
    1 year ago

    Thank you all for the tips. I got Aegis and am backing it up to my self-hosted Nextcloud. I will also keep the Google app in use for now, but I might get KeePassXC or Vaultwarden in the future.

    Cheers

    • Trones@ythreektech.com
      1 year ago

      As a user of Nextcloud, Aegis, and Vaultwarden, I can say it’s a great set of tools. I don’t know how I ever got by without Bitwarden/Vaultwarden.

  • elgordio@kbin.social
    1 year ago

    When enrolling with the 2FA, take a screenshot of the QR code, print it and add it to wherever you keep your secure documents. The QR code is your private key; just scan it again to add a new device if you lose your original.

    Obviously you need to keep the code secure!

  • Max_Power@feddit.de
    1 year ago

    There are many forms of 2FA. I’m guessing you mean TOTPs... oh, you actually wrote that, my bad lol.

    I copy the keys from Aegis to KeePassXC. KeePassXC’s database is part of my regular backup. This way I have two apps generating the same TOTPs.

    • rambos@lemm.eeOP
      1 year ago

      I was afraid of using KeePassXC since I don’t trust myself, but using it as a backup sounds like an amazing solution. Thank you.

    • ebits21@lemmy.ca
      ·
      1 year ago

      Personally I recommend just using KeePassXC and a KeePass app (I use KeePassium on iPhone).

      You always have access to all your data that way. No company is monitoring you. A lot of apps make it very difficult to back up!

      My TOTP database is in the cloud for syncing but needs a key file I don’t keep in the cloud (and a password). My passwords are entirely separate.