What’s your prefer two-factor authentication app for iOS?

I’m looking for an app that offers the best combination of platform compatibility (preferably available on Mac OS, iPad OS, and iOS), security, usability, and reliability.

It would be great if the app is open source and has a backup feature as well.

I came across a recent Wirecutter article from The New York Timesthat recommends Cisco DUO Mobile as the top choice, followed by Authy and Google Authenticator.

I would greatly appreciate your insights and security perspectives.

Thank you

  • domint@feddit.de
    link
    fedilink
    arrow-up
    22
    ·
    1 year ago

    I use the totp generator included in Bitwarden. It would be more secure to have codes and passwords in different apps, but in Bitwardens case I don’t have a too bad feeling about it.

  • totallynotarobot@lemmy.world
    link
    fedilink
    arrow-up
    11
    arrow-down
    1
    ·
    1 year ago

    Never had trouble with Authy. Use it on iOS and android, and it’s straightforward and reliable, including when switching/setting up new devices.

    That being said, no app can save you if you don’t have paper backups of those we codes. Stash em in your safe.

  • Established_Trial@lemm.ee
    link
    fedilink
    arrow-up
    8
    ·
    1 year ago

    I’ve been using the one in 1Password. The main downside is it’s annoying to add a otp into the app if you can’t scan the QR code. I did most of my websites with my iPad and my phone.

    • petercockroach@lemmy.world
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      Using 1Password kinda defeats the purpose of 2FA though. If someone steals your one password, they can access all of your passwords and your authenticator.

        • petercockroach@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          That’s if you’ve gone through the steps of setting up 2FA for 1Password as well, and at that point you either need another app or access to a text

          • Established_Trial@lemm.ee
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            I do have an app set up just for 1Password 2fa. Also, when you sign into a new device with 1Password you need:

            The password 2fa code Additional “Secret Key” that is account specific that you can only get by logging into 1Password from a trusted device and “adding new device”

            At that point, if they get in, they either really want my info or I’m being held at gunpoint.

  • QuarterSwede@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    The built in one in Settings > Passwords. Automatically autofills in the field. Passkeys are the only thing that’s easier.

  • eofs@sopuli.xyz
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    I’m using Raivo. It’s open source, supports iCloud sync (useful if you have multiple devices) and allows you to export and import the keys which is handy if you need to change your device and you don’t use iCloud synchronization.

    You can also set custom icons for the tokens to easily identity different services.

    I switched from mattrubin/Authenticator which worked fine too but the development slowed down. Not that simple OTP would require constant development. I just wanted to make sure that the app would work even if Apple releases new major iOS version.

    Raivo has worked without any issues and I can highly recommend it 👍

    • ndx@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I use tofu too

      Just so you know it’s also an iOS / iPadOS/ Mac system feature if you use safari no need for an app. Just open the password manager and add the otp code. Syncs with iCloud on all your devices.

      • cccc@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Ah didn’t know that. The phone is the only Apple device I use so there’s probably a heap of tips and tricks I’m in the dark about.

  • hoodlem@hoodlem.me
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    I use Google Authenticator, but as I am not in favor of big tech I am very open to using another option.