21
Privacy@lemmy.world : An open source two factor auth app that syncs keys between devices? (lemmy.world)
submitted 1 week ago by TheTwelveYearOld@lemmy.world to c/privacy@lemmy.world
6 comments fedilink hide all child comments

Isn't the value of two factor auth that it requires a physical device (your phone or computer) with the auth key to authenticate you? Then why don't many two factor auth apps seem to support syncing? If it's fine to do so, are there any open source cross platform apps that sync keys?

top 6 comments
sorted by: hot top controversial new old
[-] theorangeninja@lemmy.today 6 points 1 week ago

Ente Auth

[-] Successful_Try543@feddit.org 4 points 1 week ago* (last edited 1 week ago)

Nextcloud + Passman would do so.

One could argue that this is against the idea of 2FA. In case you lose your device, you should simply use another with different token and delete the validity of the lost one.

Additionally, as 2FA is supposed to add an extra layer of security, having 2FA token and passwords stored in the same db is also not the best idea in that regard.

[-] ShellMonkey@lemmy.socdojo.com 2 points 1 week ago

The hard part is securing the exported tokens in a way that you could quickly replace them in the event a device was lost/compromised. A good practice would be something like with Aegis you can have it save an encrypted export whenever you make a change and then sync that to an external location where you can re-import it from. Wiping them from the original lost device is another challenge in itself, but as I recall both Android and Apple have mechanisms where you can send a signal to remotely wipe the system.

[-] powermaker450@discuss.tchncs.de 2 points 1 week ago

I use 2FAuth. it's web based but that has the plus of working anywhere, even on desktop

[-] Illecors@lemmy.cafe 1 points 1 week ago

I'm, using Nextcloud + KeePassXC (DX on android). Nextcloud part can, obviously, be replaced by another mechanism.

[-] RandomLegend@lemmy.dbzer0.com 1 points 1 week ago* (last edited 1 week ago)

I usw Aegis on my phone and sync them to the PC via Nextcloud, on the PC i use OTPClient

this post was submitted on 02 Jul 2024
21 points (92.0% liked)

Privacy

3721 readers
206 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS
iopq@lemmy.world