On 4/29/24 21:09, Greg Troxel wrote:
Benny Siegert <bsiegert%gmail.com@localhost> writes:The cheapest way to have TOTP is to install Google Authenticator on your phone.Be careful when you choose a TOTP program that you are able to back up the seeds yourself, and that the program does not send the seeds to the cloud not adequately protected in the name of cross-device syncing. Last I heard Google Authenticator was not ok, but maybe that has changed and it is now impossible to sync without e2e encryption inaccessible to google.
It used to be that google authenticator didn't automatically back up your secrets, so you had to be very careful to copy them over when you got a new phone and if your old phone was unusable you were hosed.
This has since been fixed, and it will back them up to the google cloud like any other app's private data.
I will leave any tinfoiling about backing up secrets to the cloud unsaid.AndOTP is an opensource alternative, and I will second a vote for KeePassXC in general.
Staffan
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature