this post was submitted on 05 Jul 2024
736 points (99.2% liked)
Technology
59148 readers
2312 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Does anyone have a suggested alternative for authy? (Please read the whole post before responding)
I'd love to go with an open source solution as I've done with my password manager, but that doesn't seem possible with one of my big requirements:
Scenario: I've had my phone robbed abroad and managed to buy a new one and loaded my ESIM back into it—I need to recover access to my 2 factor database via SMS so I'm able to log into my cloud storage and access my password database.
At this point I'd probably be happy to host a service myself on something like AWS and use SNS for this requirement, but I'm not sure anything like that exists ready to go. I'm not particularly interested in rolling something myself for this.
I'd be dubious of jumping from one closed source product to another, but if there's a particularly good option I'm all ears, I've been otherwise happy with authy for about a decade now, but this plus the retirement of the desktop app have me looking elsewhere.
Edit: added emphasis
Bitwarden has 2FA built in, and you can host it yourself if you want.
I've looked into this before and unfortunately it doesn't support the SMS requirement I have in my deal-breaker scenario—do you know if this has changed and can point me to the docs regarding it?
Do you really need that ?
Self hosting means you have outside your phone your real vault and the phone is just connecting to it to refresh its local data.
I’ve setup my vaulwarden in my local network kit’s the local bitwarden server i use), my phone, tablet or simple webbrowser can connect to it when i’m home via the classic bitwarden (with self hosting parameters).
If i travel, i have just to start my openVpn session and connect to my home but it’s only needed if I want to update something (the encrypted cache it’s enough for consulation). If I have nothing to change, no need to have a vpn. I just use the cached data.
If my phone is stolen the data are safe (cache is encrypted, source is not on the phone). I revoke the vpn access by precaution and move one. No sms scenario needed here.
You only need to have a backup phone or computer to setup your new access on the new phone.
Edit: of course my vpn connection is protected by a passphrase so nobody can connect to my home network without me around. And the bitwarden app is also protected of course.
Do you have a second factor for your VPN? Or is it literally just a passphrase and you're in? I also need a shared key to access mine, which puts new back at square one (I will not compromise on this)
I do really need what I've described because it's literally a situation I've been in.
passphrase yes. It’s a long sentence than only me know.
As i use this vpn only when travelling and the passphrase doesn’t change, i can use my phone or tablet cached data to get the passphrase if i forget it.
And once connected to my home network via my vpn, i have access to all my services (vaultwarden, jellyfin, storage, etc...). All require of course login as i’m not accessing them from my local network.