this post was submitted on 19 Aug 2023
104 points (100.0% liked)

Open Source

822 readers
27 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

If proprietary app is better and more robust I am willing to try it and assess it myself.

you are viewing a single comment's thread
view the rest of the comments
[–] badelf@lemmy.ml 1 points 1 year ago (4 children)

KeepassDX already has TOTP

[–] styx 2 points 1 year ago (3 children)

I am not a big fan of storing the passwords and 2fa together since if it is compromised, you lose both layers at the same time. But the alternative is not so convenient. But then in security, it is always a balance between the two.

[–] badelf@lemmy.ml 1 points 1 year ago (2 children)

True true. But the auth apps I've seen don't appear to be secure. So if you lose your phone...

And I don't like hw key because I'm afraid I'll lose it.

[–] styx 1 points 1 year ago (1 children)

I have a two layer system in place:

  1. I use Aegis, I have automatic encrypted backups, and syncthing to synchronize the backups to my private server. If I need to reconfigure Aegis, I just import the backup.

  2. I have 2FA backup codes as encrypted text files, which are also synced to my server with syncthing. I have the encryption/decryption software installed on my phone and windows, so I can use a backup code if I don't have access to Aegis.

One issue was I had to write my own apps for windows and android for encrypting/decrypting the text files 😃. You can check them on GitHub: https://github.com/mcanyucel/TextCrypt-Windows https://github.com/mcanyucel/textcrypt-android

They use SHA256 with random IV and random salt. No warranties, though 😅

[–] badelf@lemmy.ml 2 points 1 year ago

Damn! I hope I don't have to be quite that careful. I travel a lot so I really only worry about the USA border guards. 😒