this post was submitted on 02 Jul 2024
21 points (92.0% liked)

Privacy

6900 readers
11 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 2 years ago
MODERATORS
iopq@lemmy.world
21
Privacy@lemmy.world : An open source two factor auth app that syncs keys between devices? (lemmy.world)
submitted 1 year ago by TheTwelveYearOld@lemmy.world to c/privacy@lemmy.world
6 comments fedilink hide all child comments
 

Isn't the value of two factor auth that it requires a physical device (your phone or computer) with the auth key to authenticate you? Then why don't many two factor auth apps seem to support syncing? If it's fine to do so, are there any open source cross platform apps that sync keys?

you are viewing a single comment's thread
view the rest of the comments
[–] Successful_Try543@feddit.org 4 points 1 year ago* (last edited 1 year ago)

Nextcloud + Passman would do so.

One could argue that this is against the idea of 2FA. In case you lose your device, you should simply use another with different token and delete the validity of the lost one.

Additionally, as 2FA is supposed to add an extra layer of security, having 2FA token and passwords stored in the same db is also not the best idea in that regard.