So, what do people use for 2FA code generation?. Google Authenticator appears dead and can't migrate devices. Authy had that account recovery bug, and twitter makes me either give them a phone number or a 2FA app before I can use a u2f token.
Conversation
Replying to
Switched to FreeOTP on iOS awhile ago, from Google Authenticator. Don’t find myself using TOTP much these days though.
1
3
What I want is a global backup code I can write down on a piece of paper for when I lose my phone. Anyone offer that?
6
2
FreeOTP's configuration is a single XML file. If you have a rooted android you can extract that and get all your TOTP seeds.
It's not great, but it's a similar user experience to "what happens if I lose my yubikey" on sites where you can't enroll multiple keys.
2
FreeOTP permits backups so it can also be backed up and restored across devices via any backup service supported by the OS or adb backup/restore. The `adb backup` command can also be used to obtain the data. No need for root access unless an app disables standard backup support.
Yep yep. I should probably explain _why_ I used root specifically: I wanted the seeds as I wrote a desktop TOTP app (not just to restore to a different phone, which has always worked + is really cool).
I'm a big fan of this choice, allowing backup apps to back up that DB.
1
What I mean is that it's also possible to use `adb backup org.fedorahosted.freeotp` and then extract the backup with a tool like android-backup-extractor.
1
1
Show replies