With bitwarden changing to at least email auth required, I’m one of those that stores my email creds there. I don’t want to risk losing my email so it seems I need to use an Authenticator. For work, I have microsoft auth but that makes me want to die a little.
EDIT: I appreciate you all, thank you.
Aegis is nice
I switched from Google Authenticator to Aegis and have had no problems.
One more upvote for aegis
Been with aegis through 4 devices and absolutely love it.
FOSS ftw!
thanks for this!
Aegis (fdroid)
I use proton pass but IDK if it’s good to warn against them now as they appear to support fascists
Aegis.
whatever you choose, keep the 2FA recovery codes to at least bitwarden on paper, in a safe place
I’ve used andOTP for years and it’s served me well. and it’s FOSS
I typically use Bitwarden for my 2fa keys and passkeys. For Bitwarden itself, I have a Yubikey and my phone registered as passkeys. I also used to use Duo for 2fa in the past, but I prefer Bitwarden.
I did not realize they had an authenticator… That would be convenient. I think I’ll do that.
I second Bitwarden. It’s open source and automatically copies the number to your clipboard. Migrating can be a pain in the ass but once you’re done, it’s great.
I use LastPass authenticator for 2fa (note, I do not store any passwords in LastPass)
This way the authenticator accounts sync to my LastPass account and make device migration a breeze, I simply just sign into LastPass and then I can use authenticator immediately on the new device.
You could also use Microsoft authenticator (again with no passwords saved) to achieve the same thing.
I just didn’t want to bother with exporting and importing 2fa accounts when getting a new phone. Or worse, if my phone fails unexpectedly I don’t want to be unable to generate codes.
This is really sold advice
Yubikey + Yubico app covers all my needs and is technically the most secure option
If you already have Microsoft authenticator just use that. They’re all basically the same
I used tobuse authy. Mainly for the desktop to phone sync feature. The desktop got removed unfortunatly. So i am looking as well
whatever you choose, keep the 2FA recovery codes to at least bitwarden on paper, in a safe place
I use 1password. It’s fine. I haven’t tried much other stuff, but it works well, but I don’t think there is a free option so it might not be a good pick. There is also Google Authenticator which works fine and is free.
At the risk of sounding snarky, why is this a deal breaker? I can recover both bitwarden and my email if I was ever in a situation where I forgot one or both passwords. It also only occurs in a situation where you are signing into devices that you’ve never logged in to or purposely logged out of. I do use 2FA, but even if I did not it sounds like a lot of complaining about a situation that you should already be prepared for. Bitwarden could easily go down or your password vault could be corrupted or (at worse case) your vault compromised and passwords stolen. Make plans for such situations and you’ll realize this is mostly a knee-jerk reaction to a non-issue.
