this post was submitted on 09 Dec 2023
139 points (96.0% liked)

Privacy

31927 readers
607 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

cross-posted from: https://lemmy.one/post/7807944

Nevertheless I chose my Yubikey instead.

top 14 comments
sorted by: hot top controversial new old
[–] phase@lemmy.8th.world 6 points 11 months ago (2 children)
[–] SomeBoyo@feddit.de 10 points 11 months ago

Yes, it's relatively convenient with NFC.

[–] Taps4366@lemmy.dbzer0.com 0 points 11 months ago

Yep. Just download the Yubico Authenticator app. Your OTPs wont show up unless you tap your physical Yubikey to your phone's NFC chip.

Only downside is, the Yubico Authenticator only allows 32 accounts. So i have my most important accounts on there.

[–] picnicolas@slrpnk.net 3 points 11 months ago (3 children)

Any iOS alternatives? Couldn’t find either of these in the App Store.

[–] Lodra@programming.dev 4 points 11 months ago (2 children)

Bitwarden has been working well for me on iOS. It’s a paid feature though. $10 a year I think

[–] max@feddit.nl 1 points 11 months ago

+1, well worth the 10 bucks.

[–] Zekenator_von@lemmy.ml 1 points 11 months ago (2 children)

Bitwarden has a 2fa function?i didn't know it. But I don't fully trust online apps for storing passwords though. A server can always be exploited

[–] Lodra@programming.dev 2 points 11 months ago

Bitwarden uses end to end encryption. This severely reduces the risk their infra is attacked. The encryption keys exist on your devices only so it’s impossible to read the server side data.

The only real question is how much you trust Bitwarden as a company. Are they completely lying about E2EE to customers and auditors? If not, then Bitwarden is a good choice.

[–] Lodra@programming.dev 1 points 11 months ago

Oh and ya, it’s has a one time passcode function. Works great! It will even autofill into OTP fields… sometimes 🙂

[–] random65837@lemmy.world 2 points 11 months ago (1 children)

iOS has terrible choices when it comes to privacy and/or Open source. Apps that put control into the users hands are in direct conflict with Apple, and many times from what I know certain software licenses have issues getting approved there. See if Raivo is still around (may be spelled wrong).

Check out Techlore as well for recommendations across the board, before he went to a Pixel he ran an iPhone for a while and had a decent list of stuff for them IIRC.

[–] picnicolas@slrpnk.net 2 points 11 months ago* (last edited 11 months ago)

You’re right about Apple. I hope the EU will force openness into the ecosystem. I’m also hopeful that open and free alternatives will continue to become more viable in terms of user experience; the switch to Lemmy from Reddit has been mostly painless.

Thanks for the recommendations.

Edit: Raivo is perfect for a dedicated Authenticator app in the Apple ecosystem. I’ll likely pay for Bitwarden instead as I want to support their great product.

[–] rush@lemm.ee 2 points 10 months ago

Bitwarden has TOTP in their premium plans, otherwise check https://ente.io/auth

[–] sio2@lemmy.ml 3 points 10 months ago

I reccommend ente auth. privacyguides.org added it a while ago.

[–] driveway@lemmy.zip 1 points 10 months ago

Yeah, FreeOTP exports are broken. Can't import them back to FreeOTP, can't import them to another application. I've spent 2 hours writing a script to decrypt the export manually, the resulting codes are not accepted anywhere probably because ciphers are not written to the file properly. I've been going around restoring accounts for the past month. Fuck FreeOTP.