this post was submitted on 01 May 2024
515 points (98.0% liked)

Technology

58303 readers
25 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Bitwarden Authenticator is a standalone app that is available for everyone, even non-Bitwarden customers.

In its current release, Bitwarden Authenticator generates time-based one-time passwords (TOTP) for users who want to add an extra layer of 2FA security to their logins.

There is a comprehensive roadmap planned with additional functionality.

Available for iOS and Android

(page 2) 50 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 6 months ago (14 children)

Jesus fuck. How many more authentication apps do we need that all do the same thing?

At work I need at least 4-5 different authentication apps because every customer has something different.

We don’t need another.

load more comments (14 replies)
[–] [email protected] 6 points 6 months ago

Good. They make great stuff.

[–] [email protected] 6 points 6 months ago (5 children)

I'm not putting my totp with my password, same as I'm not putting my password with my email (proton)

[–] [email protected] 3 points 6 months ago* (last edited 6 months ago) (2 children)

Exactly, from a security perspective, it's a bad idea to put 2 factor tokens together with your passwords. You effectively eliminate the security benefit that 2 factor provides if you do because if people get into your password manager, they have everything they need to access your accounts. The only people it "helps" having it all in one app are people who don't understand the purpose of 2 factor and just see it as an inconvenience when services force it on them. Even though I use BitWarden for passwords, I don't think that I'll be changing from Aegis to BitWarden's stand-alone authenticator because Aegis is doing its job nicely.

[–] [email protected] 3 points 6 months ago* (last edited 6 months ago)

That's also part of why I'm against the new passkeys. I think passkeys could replace either passwords or tokens, but not both.

load more comments (1 replies)
[–] [email protected] 3 points 6 months ago

And seemingly reading beyond the headline is also not your thing.
This is a separate app unconnected to your bitwarden account...

load more comments (3 replies)
[–] [email protected] 5 points 6 months ago

Nice. But as a BitWarden user, it's useless to me. I've never put all my eggs in one account basket.

Passwords on one service, MFA on another, email on yet another, etc.

[–] [email protected] 5 points 6 months ago (7 children)

Any reason to switch from Aegis?

[–] [email protected] 6 points 6 months ago

Not yet.
No icons, no ability to save notes, a URL or back it up in an encrypted json.
I will definitely keep an eye on it though.

load more comments (6 replies)
[–] [email protected] 4 points 6 months ago

I personally have no use for this since I use Aegis and sync it with my synology drive

[–] [email protected] 3 points 6 months ago (4 children)

I assume its still absolutely impossible to migrate from one authenticator app to another without having to set it all up again?

[–] [email protected] 4 points 6 months ago

You can use Authenticator Pro (android, opensesource) and Proton Pass, both let you copy the TOTP generation code to paste into another without problem. Both generate exact code

In fact that's how I am using them right now, with Authenticator Pro is my on-device, offline, encrypted backup offline backup TOTP for Pass.

I guess it is not as straight forward as export import as you hope, but it's not as bad as other options used to be.

[–] [email protected] 4 points 6 months ago

As long as you can access the keys, you can swap authenticator apps.

I tried a few until I landed in Aegis, and I have two on my desktop that I'm trying out as well. Just get something that allows exporting the keys and there will be a path to switching apps.

load more comments (2 replies)
load more comments
view more: ‹ prev next ›