Author

Topic: Best 2FA applications to use. Open source, free, secure. Better than Google's (Read 427 times)

sr. member
Activity: 1344
Merit: 459
Still loyal with this application Twilio Authy Authenticator for the best 2FA service based on my experienced, I don't blame with any 2FA recommended from the OP but when having many application our mobile phone seems not really good impact with mobile phone working. No required for back up authinticator code or secret key number when this app loss from mobile phone or suddenly uninstall if mobile phone number used for registering this app still active.

Easy with Twilio Authy Authenticator move one mobile phone to other mobile phone device because this application support install more than two mobile phone device on the same time.
full member
Activity: 496
Merit: 142
Hire Bitcointalk Camp. Manager @ r7promotions.com

Thank you.

Have you ever used those 2FAs that support 6-digit TOTP code?

I only see Google Authenticator as an app choice, can I use other 2FA apps?

Yes. Even though our interface only mentions Google Authenticator, the majority of 2FA applications that utilize 6-digit TOTP (time-based one-time passwords) will work in Google Authenticator's place. The application must also use an initial 16-digit key to bind accounts (which is standard for most 2FA applications).

In this case, you will still need to select 'Google Authenticator' as your chosen 2FA method when given the option.

Although we recommend Google Authenticator (if possible), here are some popular alternatives that also support 6-digit TOTP codes:

    Authy (iOS & Android)
    Okta Verify (iOS & Android)
    2FA Authenticator App (2FAS) (iOS only)
    Microsoft Authenticator (iOS & Android)
    Duo (iOS & Android)
    LastPass (iOS & Android)
    Most other authentication applications that support 6-digit TOTP codes

In each of these cases, the instructions in the above guide should also apply or be suitable for these apps. If you find that the instructions above do not apply, we recommend consulting your authentication app's help guide, or, confirming that the app in question supports 6-digit TOTP codes.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
 andOTP - OTP Authenticator  ____ Android, F-droid

https://i.imgur.com/cgNlVqg.png
https://i.imgur.com/lH0qwtb.png

Quote
andOTP is currently unmaintained, please check GitHub for additional details.

andOTP implements Time-based One-time Passwords (TOTP) like specified in RFC 6238 (HOTP support is currently in beta testing). Simply scan the QR code and login with the generated 6-digit code.

You already quote andOTP is currently not maintained. In fact the development stopped on Jun 14, 2022[1] and the latest release was on Jun 15, 2021[2]. So IMO it's no longer best 2FA application and probably should be mentioned only as as historical information.

[1] https://github.com/andOTP/andOTP
[2] https://github.com/andOTP/andOTP/releases/tag/v0.9.0.1
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
Since it is all about 2FA then this thread I created few years back is helpful especially to those newbies who doesn't know how to enable 2FA.

Take Note Newbies who will be reading this post. The authenticator used in the thread is an example and it all depends on what authenticator that you will use either, Google Auth, Authy or any of the authenticator on OP's post.

[Guide] How to Enable 2FA using Google Authenticator or Any Authenticator!
legendary
Activity: 1106
Merit: 1337
Lightning network is good with small amount of BTC
I thought that it was just like Google Auth and Authy but then the other one that's popular I guess is Aegis. The rest, I have nothing to say because I have never used them.
Aegis is very good and I can recommend it. I have used andOTP before but I was unable to import Google 2FA export code on it, unlike Aegis that I was able to. But I do not recommend this kind of import again as Google authenticator has gone bad beyond being close source authenticator, to being synchronizing with Google online cloud. Aegis only support Android, not on iOS. For iOS, Tofu and Raivo are good.
hero member
Activity: 3136
Merit: 591
Leading Crypto Sports Betting & Casino Platform
I thought that it was just like Google Auth and Authy but then the other one that's popular I guess is Aegis. The rest, I have nothing to say because I have never used them.
We got that thought that it's best to stick to the ones that we've known and have been using for a long time and never had any problem experiencing it.
But then if it's concerning our data and information and some apps that we've been trusting is doing that for us. Note that most of the apps are doing that but then, it's good to see that we've got plenty of choices.
hero member
Activity: 798
Merit: 702
Both Google 2fa and authy are closed source apps, and they are also free, in your opinion, where do they get the money to pay the developer, like your question?

I just checked a couple of the other 2Fa application and most of them are free too is there any guarantee that open source program is don't collect our data
What makes it open source is that other developers can also check the authenticity of those apps to see if they have hidden setups, if the app can still store data, or if they even backup users data. That's why I believe open-source apps are highly supported and advisable for users to use.

I haven't really tested any of those because I still don't have a need for them right now, but if I do use them in any of my exchanges, I will really not consider using Google Authenticator again. I would rather choose from any of the above-listed options; if not for this post, I never knew there were actually better authenticators out there than Google.
copper member
Activity: 2156
Merit: 983
Part of AOBT - English Translator to Indonesia
Both Google 2fa and authy are closed source apps, and they are also free, in your opinion, where do they get the money to pay the developer, like your question?

I just checked a couple of the other 2Fa application and most of them are free too is there any guarantee that open source program is don't collect our data
sr. member
Activity: 1316
Merit: 422
Catalog Websites
Found something new, anyway, I am using the Google authenticator as most of the time this was the only one I knew haha. Actually most of the time people use it. I am not having issues while using it, I had very experience with the 2FA back around 2 years ago when I lost the backup of the 2FA and lost my only device at that time I had. Now things are changed with the experience and learnings, still i would say be double sure even while using 2FA .
Previously I was advised by my friends to use Tofu and Raivo, but I still use Google authenticator because so far I haven't had any problems that could interfere with my login process. I keep my setup key offline, when I try to log in from another device it's still safe and smooth without any problems.
Convenience keeps me sticking with Google authenticator, I'm still picking and doing research on Tofu and Raivo, if possible one of them will be my choice when having any intention of migrating from Google authenticator.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
I have been using Tofu for quite sometime and it's a definitely a good alternative to Google Authenticator and Authy. I have been more of an Authy user compared to Google's but I think those two are the most popular. I believe that it's worth checking out an alternative because you cannot recover it if you lost your device or something.

Some of the things you listed are good for sure. I do hope people use it and understand it that it's important to have.
sr. member
Activity: 1400
Merit: 283
DGbet.fun - Crypto Sportsbook
Quote from: Wend link=topic=5451585.msg62209500#msg62209500
Google Authenticator can be said to be the most popular and used 2FA application. It's safe to use so far, but their only problem is collecting users' data without our permission.
Was this the reason for Binance announcement regarding the use of 2fa and disabling it. Ive read it somewhere their announcement maybe on Twitter but that means there something Google arent doing well here. So far I am only using Google 2fa but will look into other choices.



I don't know about that announcement from Binance, but if you intend to use another app to replace Google 2fa, I recommend using open source apps like Aegis, Raivo and Tofu.

but have any authicator with extension support?

I know an app that gives you all three platforms, as you would expect. But I don't recommend using it because it collects user data. I also just deleted it a few days ago after learning it was collecting user data.

https://2fas.com/browser-extension/

Google Authenticator can be said to be the most popular and used 2FA application. It's safe to use so far, but their only problem is collecting users' data without our permission.
If you are using the iOS operating system, Raivo and Tofu are also a perfect choice like Aegis. All are open source and do not collect any user data. I am currently using Aegis and am quite happy with it. I am also planning to install Tofu or Raivo on my old ip7 to test.

Is that true I don't know if the 2Fa collecting user data without our permission. Although Im always using authenticator got from Google and from chrome extension and the data doesn't store it online so basically it will stay on your computer.

I heard 2FA called authy but it seems it is not open source. But it always curios me if the product free where they get the money to pay the developer there is some people said if the product is free you are becoming the product itself
Quote
There are thousands of completely free pieces of software with no steady income stream out there which survive just fine. There is also a donation link on the Aegis website if anyone is so inclined.

Still, even if development stops tomorrow, nothing changes with the app you have already downloaded and are running. And of course, you should utilize Aegis' ability to create encrypted exports of your database, so even if you can't install Aegis on a new device you can still import your 2FA codes in to a different app.
https://bitcointalksearch.org/topic/m.62188593

Both Google 2fa and authy are closed source apps, and they are also free, in your opinion, where do they get the money to pay the developer, like your question?
copper member
Activity: 2156
Merit: 983
Part of AOBT - English Translator to Indonesia
Google Authenticator can be said to be the most popular and used 2FA application. It's safe to use so far, but their only problem is collecting users' data without our permission.
If you are using the iOS operating system, Raivo and Tofu are also a perfect choice like Aegis. All are open source and do not collect any user data. I am currently using Aegis and am quite happy with it. I am also planning to install Tofu or Raivo on my old ip7 to test.

Is that true I don't know if the 2Fa collecting user data without our permission. Although Im always using authenticator got from Google and from chrome extension and the data doesn't store it online so basically it will stay on your computer.

I heard 2FA called authy but it seems it is not open source. But it always curios me if the product free where they get the money to pay the developer there is some people said if the product is free you are becoming the product itself
legendary
Activity: 2534
Merit: 1233
I never thought that there were open-source authenticators aside from Google auth which I usually heard and used.
It might be because I'm not a fan of using them and might this thread will be useful in the future and I bookmarked it, thank you for sharing this.

I've confused so I research a little bit about open-source authenticator and I think OP consider this too on the list.
It's freeOTP app, https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp

It's an open-source app that can be used on Android and in iOS.
hero member
Activity: 2786
Merit: 902
yesssir! 🫡
Was this the reason for Binance announcement regarding the use of 2fa and disabling it. Ive read it somewhere their announcement maybe on Twitter but that means there something Google arent doing well here. So far I am only using Google 2fa but will look into other choices.

If the announcement is recent, probably has to do with the sync function as mentioned above. This created buzz couple of days ago especially when two researchers found google could technically access the secret keys if you enable the function.

Found something new, anyway, I am using the Google authenticator as most of the time this was the only one I knew haha.

Lol. I was the same until people recommended aegis and this is probably true for a lot of people into crypto when they just started.

I may have diligently followed exchange's instructions a little bit too much as they tend to only use google authenticator for their help articles/instructions. I can't remember which but I vaguely recall an exchange referring to TOTP/authenticator apps as "Google Authenticator" on the settings lol.
copper member
Activity: 2128
Merit: 1814
฿itcoin for all, All for ฿itcoin.
I've always known that Google Authenticator does not save any of our 2FA accounts in our Google account, so I keep my setup key offline and safe in case something bad happens to my device and I need to recover my account quickly.
I have not used it since my newbie days, but I understand they now have a cloud back up feature for the codes. Here is some article from late April - Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

I am still not a fan of Authenticators with cloud based backups, especially if they are not open source.
legendary
Activity: 966
Merit: 1042
#SWGT CERTIK Audited
Found something new, anyway, I am using the Google authenticator as most of the time this was the only one I knew haha. Actually most of the time people use it. I am not having issues while using it, I had very experience with the 2FA back around 2 years ago when I lost the backup of the 2FA and lost my only device at that time I had. Now things are changed with the experience and learnings, still i would say be double sure even while using 2FA .
sr. member
Activity: 1246
Merit: 262
Its seems new for me with active on google authicator only right now, but have any authicator with extension support? many listed of authicator support with mobile phone for android or IOS but has extension authicator will give many option for us when losing mobile phone but still
linked with chrome or mozilla firefox browser like this Authenticator.

Depend on Authy and Google authicator which one have beneficial than OP listed authicator? seems many people know with Authy as their 2fa authicator and seems not problem with this back up security how to secure their account.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
Quote from: Wend link=topic=5451585.msg62209500#msg62209500
Google Authenticator can be said to be the most popular and used 2FA application. It's safe to use so far, but their only problem is collecting users' data without our permission.
Was this the reason for Binance announcement regarding the use of 2fa and disabling it. Ive read it somewhere their announcement maybe on Twitter but that means there something Google arent doing well here. So far I am only using Google 2fa but will look into other choices.


Thanks OP for showing the list might be helpful.
sr. member
Activity: 1400
Merit: 283
DGbet.fun - Crypto Sportsbook
I've always known that Google Authenticator does not save any of our 2FA accounts in our Google account, so I keep my setup key offline and safe in case something bad happens to my device and I need to recover my account quickly.

But, with the list you've provided here, I think I'll do a little research on them and switch to one of them (if my account can be safely backed up and recovered). I've had my eye on "Aegis Authenticator" for a while now, but I'd still need to do some research before fully migrating; the only problem is that they're not currently supported on iOS, which could be a problem.

Google Authenticator can be said to be the most popular and used 2FA application. It's safe to use so far, but their only problem is collecting users' data without our permission.
If you are using the iOS operating system, Raivo and Tofu are also a perfect choice like Aegis. All are open source and do not collect any user data. I am currently using Aegis and am quite happy with it. I am also planning to install Tofu or Raivo on my old ip7 to test.
hero member
Activity: 700
Merit: 541
Bitcoin Casino Est. 2013
I've always known that Google Authenticator does not save any of our 2FA accounts in our Google account, so I keep my setup key offline and safe in case something bad happens to my device and I need to recover my account quickly.

But, with the list you've provided here, I think I'll do a little research on them and switch to one of them (if my account can be safely backed up and recovered). I've had my eye on "Aegis Authenticator" for a while now, but I'd still need to do some research before fully migrating; the only problem is that they're not currently supported on iOS, which could be a problem.
full member
Activity: 496
Merit: 142
Hire Bitcointalk Camp. Manager @ r7promotions.com
 Always backup a code you use to activate your 2FA.
You need it to recover your 2FA later or to import it on other devices.
Always backup in cryptocurrency.  




If you already used or want to use Google Aunthenticator, let's read 2FA - Important Precautions with Google Authenticator and consider to use alternatives.



 Aegis Authenticator  _____ Android, F-droid



Quote
Aegis is an alternative to proprietary two factor authentication apps like Google Authenticator and Authy. Its most important features, are security and backups.
It is a free, secure and open source 2FA app for Android.
It aims to provide a secure authenticator for your online services, while also including some features missing in existing authenticator apps, like proper encryption and backups.
Aegis supports HOTP and TOTP, making it compatible with thousands of services.

For a list of frequently asked questions, please check out the FAQ.

The security design of the app and the vault format is described in detail in this document.

Features


 Tofu Authenticator  _____ iOS




Quote
An easy-to-use, open-source two-factor authentication app designed specifically for iOS.

Tofu generates one-time passwords to help you protect your online accounts. These passwords are used together with your normal password when you sign into services like Google, Facebook, Dropbox, Amazon, and GitHub.

Tofu works with all services that provide two-factor authentication using the HOTP and TOTP algorithms. It does not require a network or cellular connection and can be used in airplane mode.



 Raivo OTP  _____ iOS, Mac




Quote
A native, lightweight, non-commercial and secure multi-factor authenticator that synchronises your one-time passwords (OTP) across all of your Apple devices.

Open Raivo OTP in one tap, sign in with FaceID and copy your one-time password to your Mac in one tap with the Raivo MacOS companion app. Using a multi-factor authenticator has never been easier!


 Ente Authenticator  _____ Android, FiOS



Quote
ente's Authenticator app helps you generate and store 2 step verification (2FA) tokens on your mobile devices.

Features

  • Secure Backups
  • Multi Device Synchronization
  • Offline Mode
  • Import and Export Tokens
  • Scanning a QR code
Read more about its features.


 andOTP - OTP Authenticator  ____ Android, F-droid




Quote
andOTP is currently unmaintained, please check GitHub for additional details.

andOTP implements Time-based One-time Passwords (TOTP) like specified in RFC 6238 (HOTP support is currently in beta testing). Simply scan the QR code and login with the generated 6-digit code.
Jump to: