this post was submitted on 18 Feb 2024
16 points (94.4% liked)

Linux

8291 readers
554 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
 

I'm trying to move away from Authy since they're ending support for their desktop app, and I thought Aegis would be the right app for me to jump to, but it doesn't seem to have a desktop app. So I'm wondering what FOSS apps the rest of you use for Desktop and Mobile 2FA?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 10 months ago (1 children)

Passkey is on your device though?

It doesn’t kill the point of 2fa. It’s something you have… you have your device. If you didn’t you wouldn’t have the TOTP code.

The something you know (password) is much more likely to be breached and stolen. That is what isn’t tied to your device. You probably want the second factor to be linked to just the devices you have.

[–] mholiv 1 points 10 months ago* (last edited 10 months ago) (1 children)

Edit: I was wrong and mixed up passkeys with something else. Passkeys I think are still better than desktop totp apps because at least they work with secure hardware on the platform.

[–] [email protected] 1 points 10 months ago (1 children)

That’s not what passkeys are in many implementations. Look up Google/microsoft/apple passkeys. That’s what people mean when they say passkeys.

You’re thinking of a device like a Yubikey, which is a great device.

[–] mholiv 1 points 10 months ago

You’re right. Yah. Still at least those use “secure element” equivalents at least.