As we all know, Ravio has been removed from the recommended multi-factor authentication apps for iOS on PrivacyGuides.
As I want to export all my TOTP codes out of Ravio ASAP, what apps are you migrating towards? I know a few were mentioned such as:
• Tofu • Ente • 2FAS • FreeOTP • Bitwarden TOTP + Yubikey
I just use Authy
I used to use them a while back but now I use Aegis. I prefer my 2fa offline and disconnected from the internet. I still keep my backups saved in safe spaces though. It served me well to get off of Authy too because last year, they got compromised.
Aegis is Android only
I prefer my 2fa offline and disconnected from the internet.
That’s great until you lose your phone or something…
Well, that’s what backups are for. I sync my Aegis backups between phone, tablet and PC via syncthing. It’s convenient to have authy handle bwckups for me, but if I use 2fa I don’t want to water down its usefulness right away.
Edit: After digging into 2FAS, I think it is now my top choice. Seems like more of a drop in replacement for Raivo. https://2fas.com/
My second choice is (as of this edit) Owky. I’ve not seen anyone talking about it, but it’s FOSS and has the ability to export your TOTP codes.
Im a little worried about it not being maintained though, since it’s a single developer.
https://apps.apple.com/us/app/owky-two-factor-authenticator/id1602245257
Other options I’ve considered:
Tofu Authenticator. Unfortunately it’s basic though and lacks the ability to export.
ente Authenticator. Account required, and I’m a little undecided on the company. Might be a serious option though.
I use Bitwarden for everything, including my totp codes. I should probably use a separate app solely for Bitwarden’s totp code, but the danger of losing it all gives me such a rush!
You can write down your Bitwarden 2FA recovery codes and keep multiple copies of them in safe and private places
I’m currently enjoying ProtonPass’ built-in 2FA. You gotta be on a paid plan, however, but it’s worth it imo.
Where are you keeping the 2FA code for your proton account? (Supposing you have it set up)
I keep that one in my iCloud keychain just out of convenience
Why are people switching away from Raivo?
/c/outoftheloop
Edit: Looks like it’s been bought by a generic app developer about which there are few details to be found: https://discuss.techlore.tech/t/raivo-otp-authenticator-has-been-acquired/4962/2
I have been using ProtonMail and Drive already so it was an easy decision to switch to Proton Pass when it came out. It’s an all-in-one password manager which let’s you store 2FA as well and also let’s you make email aliases. It’s synced everywhere, on Firefox on my linux desktop to my android phone to my iPad.
What happened to Raivo?
They got bought out by Mobime.
I’m a fan of 1Password. Makes it easy to keep all my secrets in one place, behind a yubikey.
1Pass auto fill of 2FA is so OP on desktop.
I love the family sharing features as well.
I switched to 2FAS.
You can’t export from FreeOTP. Ente doesn’t appear to be open source. Tofu is an option but I’m afraid it might not be maintained.
You can export from freeOTP+ Its great. You can back up to another password manager by simply copying the shared secret also. But I don’t think it’s available for iOS. Oh well, if you want more freedom and privacy, you’ll have to move to android.
Ente Auth seems open source: https://github.com/ente-io/auth
But the need for account is trowing me off a little bit. I’ll give a try to 2FAS as well.
I was in the middle of switching 2FA over to Raivo from Apple Keychain and you drop this aaaaa-
I was for a while contemplating myself to switch to Raivo from 2FA 😂. Now I’ll stay put. 😇
deleted by creator
Recommending iCloud keychain in a privacy forum??
It’s actually pretty good security-wise, the main issue is that it completely locks you into the Apple ecosystem, while other 2FA apps and password managers are all cross-platform.
Good security-wise, maybe. But who protects you from Apple? They have access to everything they so conveniently sync for you for free. That is neither secure nor private. The same goes for Google. People don’t understand how much of your stuff they have access to.
Fan of OTP Auth
I‘m using Google Authenticator, but so far nobody else here seems to, am I doing it wrong??
Considering googles track record with privacy I would hesitate to use it
I use Authy. It has Apple Watch app for quick access.
I am undecided btw 2FAS and Ente. 2FAS has an excellent UI, but there is no desktop app. Ente requires an account, but it’s not a problem considering that everything is E2EE and it’s a company with good reputation.
