this post was submitted on 18 Jun 2024
388 points (98.0% liked)

Bikini Bottom Twitter

3540 readers
192 users here now

Are ya ready kids?!

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] LANIK2000 33 points 5 months ago (1 children)

My phone once died at work and I needed to write my gf. While I had my phone in the charger I thought I could just do it on my work PC (HA! What a funny joke). "Check your phone. Can't do that? Check your email." I try to log into my email. "Lol, check your phone."

[–] [email protected] 2 points 5 months ago (2 children)

2FA and password manager, never needed using my phone for sign in again

[–] LANIK2000 15 points 5 months ago (1 children)

2FA: Literally my case here, too bad my email also had 2FA pointed towards my phone.

And I don't have my personal password manager on my work computer. Not to mention it wouldn't save me from this 2FA chain that makes me phone the only valid key.

The moral of the story is ofc don't use Gmail or stuff that only trusts your bloody phone.

[–] [email protected] 1 points 5 months ago (2 children)

There are programs for PC that can generate those authentication codes, bypassing the need for a phone

[–] UltraMagnus0001 2 points 5 months ago (1 children)
[–] [email protected] 1 points 5 months ago (1 children)

From what I've seen (1 min search), OTP generation is a feature for premium users of bitwarden.

If you are on windows, you should try keepass with your database in your onedrive folder for easy syncing.

If you are on linux, there are options for syncing files like samba servers or mounting onedrive itself.

[–] UltraMagnus0001 2 points 5 months ago

I remember reading somewhere that keypass was hacked. I wonderr if they got better at security.

I Don't remember exactly if the bitwarden feature I used was OTP, I think it was something like Login with passkey and then I had to put my bitwarden password for my Google login. I just picked bitwarden because I assumed it had more free features.

[–] LANIK2000 2 points 5 months ago* (last edited 5 months ago) (2 children)

Doesn't change the fact that I'd need a specific device to login, still can't do anything from my isolated work computer. If I was carrying my personal laptop around with me, I wouldn't have this issue to begin with, I'd just message from there.

Makes me wish something like a literal USB key existed. Altho for now I'll probably just not use 2FA on my email, and use an alias instead for protection.

[–] [email protected] 2 points 4 months ago (1 children)

Makes me wish something like a literal USB key existed.

You mean something like a Yubikey?

[–] LANIK2000 1 points 4 months ago

Perfect, thanks :)

[–] [email protected] 2 points 5 months ago (1 children)

Hear me out, keepassxc has OTP capabilities, it is a password manager that uses just one file as a database. Just with your work computer you can log in without the need of a phone.

The only hassle is syncing the file.

[–] LANIK2000 2 points 5 months ago (1 children)

Hmm, might look into it a bit more. Thanks for the starting point!

[–] [email protected] 1 points 5 months ago

No problem, I currently use a password manager for the command line based on gpg keys and synchronized using git. It is inteded more for linux but I think it has windows clients. If you are interested: https://www.passwordstore.org/

You can also use keepassxc on your phone, I don't know if there is an app for iOS but play store has an app.

[–] [email protected] 4 points 5 months ago (1 children)

You need your phone if it's the 2nd authentication factor.

[–] [email protected] 1 points 5 months ago (1 children)

Using OTP you just need a program that can generate codes. It can be your PC

[–] [email protected] 2 points 5 months ago (1 children)

I meant the sign in code google texts you. Not the App based One Time Password option. But, yes OTP option can also be set up as another fallback option

[–] [email protected] 2 points 5 months ago

That's true, I had that option enabled until I switched to a custom rom that disables that feature so I had to change the method.