World Basement Classic

As part of phone migration and general degoogling, I am wondering what to use instead of Google Authenticator for #TOTP MFA codes.

I can store them in #KeePassDX (which syncs via my self-hosted Nextcloud to my laptop and desktop) but that feels a bit eggs-in-one-basket.

Any other suggestions, firstly on how to export them sensibly from Authenticator (I assume I can scan the QR codes it generates with something other than Authenticator to extract the TOTP seeds), and secondly on what to use instead on my new #GrapheneOS phone?

May 20 at 2:48pmWeb
Show threadmartin5d ago
@diffrentcolours On Android I use Aegis Authenticator ( #FOSS ). On Linux I just discovered #Ente Authenticator, which is really nice.
Show threadS.Fynn  5d ago

@diffrentcolours

Been using Aegis for years on my #GrapheneOS phone

https://github.com/beemdevelopment/Aegis

GitHub - beemdevelopment/Aegis: A free, secure and open source app for Android to manage your 2-step verification tokens.

A free, secure and open source app for Android to manage your 2-step verification tokens. - beemdevelopment/Aegis

GitHub
Show threadHagen Tietze5d ago
@diffrentcolours Aegis ist eine sehr gute Alternative (f-droid)
Show threadtobestool5d ago

@diffrentcolours +1 on Aegis.

Also very handy as it lets you backup your keys.

Show threadjoat5d ago

@tobestool @diffrentcolours another +1 for aegis

It can do encrypted backups and also supports the same bulk transfer QR format as Google Auth so easy to transfer between phones

Show threadKathryn Karnage5d ago
@diffrentcolours keeping them in a separate "TOTP" keepass vault (with different credentials etc, and these *not* stored in your main keepass vault 😀 is also a potentially valid way of keeping them handy without completely undoing the 2 factorness. Not perfect if you are using them on the same machine, but you can always, say, only open the totp vault on your phone