Android's Aegis Is the best. It's free and Open source, it doesn't connect to the internet. And you can store a back up file where you wish, in case you loose your phone.
I personally went with Ente's Auth which works pretty well as a drop-in replacement after using Aegis for a few months. Aegis was fine, but it feels a bit too dated to me. It's not bad, it's the standard (in terms of what people recommend AND what every apps have an Import option available for) for a reason. But it feels dated and I don't need most of its customization. Currently also looking at Bitwarden's new standalone 2FA app though.
@@NazmusLabsOne day you woke up in the morning and saw that the Password manager you were using got a data breach, and not so good people got your all accounts information along with user name, password and the 2fa code. Thats why using two seperate app is always a good idea. I hope you understand
@@washimkhandakar that wouldn’t be an issue issue because password managers are encrypted. Even with the data breach, the hackers cannot get any data because the way encryption works is that the data is jun unreadable unless you know the master password. and the master password is not stored anywhere. They use a technology called salting and hashing, which means it only knows if you got the password correct but doesn’t know what the actual password is. Last pass at one point, I believe, had a data breach and not a single password was revealed! May Allah (S.W.T.) bestow upon you His Blessings and Guidance; Ameen.
"Smartphone only." "Well, my ONLY smartphone is suddenly unavailable for any number of reasons, and I'm SOL.." I gotta have backups of backups, myself.
So you did not recommend a free solution that has apps for all 3 desktop platforms besides Web and mobile? And no, this question is very obvious since there is basically just 1 out there that meets the criteria.
God, yes. Authy is a mess. I regret ever trusting them. Thank god the desktop app's discontinuation made me get off my butts and migrated to Aegis, and later to Ente's Auth. Bitwarden's standalone 2FA app also looking good though, but it's very new, not yet much in features beyond the bare bones, but I'm monitoring it because I trust them and it's looking good.
My Facebook is locked due to two-factor authentication and I cannot open it, knowing that the identity verification step does not appear for me. It tells me that We're sorry, but there's a technical problem with this feature. We're working to fix it.
Authy's decision is not convenient to the user but is more secure and getting closer to the intent behind 2FA as "something you have". An app that can be replicated and used by many people in many places, at the same time even, is not "something you have". It's really nothing more than another password.
Based on your thinking every device can be something you have eg. 2 yubikeys so you won't lock yourself out etc. The mobile app will never be passed as something you have on any security audit. It is just an inconvenience at this point. Why? Because you can use Bitwarden or 1Password with the same way, only on your phone , so that argument goes out of the window for Authy.
Are you making the point that authy is more secure because it is tied to one needing to have the correct phone number, vs simply a master password. It seems that lastpass doesn't require the same phone number; all you need is the master password as well as the password and email address of email account. I am thinking that if you lose your phone then it would be easy to restore lastpass on a new phone. Whereas with authy you need to go and get the sim card with the same phone number on it. I believe you can only add a new device with authy if you have any old phone with the same authy account on it, as well as the ability to use the same phone number.
@@frixosfriedman7813 Convenience is at opposite ends from security. The easier it is for you to restore or clone, the easier it is for a bad actor to do the same.
✅ Watch next ▶ Another Way to Protect Yourself from 2FA Loss ▶ ua-cam.com/video/ZGYA7h93ik8/v-deo.html
Android's Aegis Is the best. It's free and Open source, it doesn't connect to the internet. And you can store a back up file where you wish, in case you loose your phone.
I personally went with Ente's Auth which works pretty well as a drop-in replacement after using Aegis for a few months.
Aegis was fine, but it feels a bit too dated to me. It's not bad, it's the standard (in terms of what people recommend AND what every apps have an Import option available for) for a reason. But it feels dated and I don't need most of its customization.
Currently also looking at Bitwarden's new standalone 2FA app though.
Aegis or 2FAS. If you want more security, 2FA is better off being as a different app than being used together with a password manager.
Why is it better being seperate? Password managers are encrypted
@@NazmusLabsOne day you woke up in the morning and saw that the Password manager you were using got a data breach, and not so good people got your all accounts information along with user name, password and the 2fa code. Thats why using two seperate app is always a good idea.
I hope you understand
@@washimkhandakar that wouldn’t be an issue issue because password managers are encrypted. Even with the data breach, the hackers cannot get any data because the way encryption works is that the data is jun unreadable unless you know the master password.
and the master password is not stored anywhere. They use a technology called salting and hashing, which means it only knows if you got the password correct but doesn’t know what the actual password is.
Last pass at one point, I believe, had a data breach and not a single password was revealed!
May Allah (S.W.T.) bestow upon you His Blessings and Guidance; Ameen.
I dont know how to use Aegis,and how i can Out my Google Account into Aegis im to dumb i guess 😂😭
Thankyou, Leo.
I have tried a couple of authenticators and finally (at least for now), have chosen Aegis.
Aegis is my favorite. Open Source, and not tied to a password manager.
One more BIG vote for Aegis on Android.
Thank you! I had no idea the code changed every 30 seconds. Good to know!
"Smartphone only." "Well, my ONLY smartphone is suddenly unavailable for any number of reasons, and I'm SOL.." I gotta have backups of backups, myself.
I am way younger than You and I will tell You one - all this rubbish has got out of control, all I want is to opt out of this stupid digital world.
So you did not recommend a free solution that has apps for all 3 desktop platforms besides Web and mobile?
And no, this question is very obvious since there is basically just 1 out there that meets the criteria.
you don't recommend Microsoft Authenticator app?
I don't think that Microsoft Authenticator by design supports synchronizing TOTP keys across multiple mobile devices.
It's a spyware
Ente is really good..
Anything other than Authy is 👍
God, yes. Authy is a mess. I regret ever trusting them. Thank god the desktop app's discontinuation made me get off my butts and migrated to Aegis, and later to Ente's Auth.
Bitwarden's standalone 2FA app also looking good though, but it's very new, not yet much in features beyond the bare bones, but I'm monitoring it because I trust them and it's looking good.
Ent Auth for desktop & mobile or 2FAS
Another vote for Aegis on Android
My Facebook is locked due to two-factor authentication and I cannot open it, knowing that the identity verification step does not appear for me. It tells me that We're sorry, but there's a technical problem with this feature. We're working to fix it.
2FAS
2FA apps are only as good as your phone, if your a victim of a SIM swap, your screwed
Not true. A SIM-swap does not affect Google Authenticator compatible apps.
Authy's decision is not convenient to the user but is more secure and getting closer to the intent behind 2FA as "something you have". An app that can be replicated and used by many people in many places, at the same time even, is not "something you have". It's really nothing more than another password.
Based on your thinking every device can be something you have eg. 2 yubikeys so you won't lock yourself out etc.
The mobile app will never be passed as something you have on any security audit. It is just an inconvenience at this point. Why? Because you can use Bitwarden or 1Password with the same way, only on your phone , so that argument goes out of the window for Authy.
Absolutely. It presents no problem to me to type in6 numbers. Using the service of a password manager defeats the intent of 2FA.
Are you making the point that authy is more secure because it is tied to one needing to have the correct phone number, vs simply a master password. It seems that lastpass doesn't require the same phone number; all you need is the master password as well as the password and email address of email account. I am thinking that if you lose your phone then it would be easy to restore lastpass on a new phone. Whereas with authy you need to go and get the sim card with the same phone number on it. I believe you can only add a new device with authy if you have any old phone with the same authy account on it, as well as the ability to use the same phone number.
@@frixosfriedman7813 Convenience is at opposite ends from security. The easier it is for you to restore or clone, the easier it is for a bad actor to do the same.
Your statement stating Authy is not compatible is incorrect, Authy is Mac compatible if it uses the M1,2,3 or 4 chips.
passkeys are the only solution.