**bthylafh** @bthylafh@social.privacytools.io · 2019-08-11T02:28:20Z

bthylafh @bthylafh@social.privacytools.io

bthylafh @bthylafh@social.privacytools.io

@Xoktz@mastodon.host
Authy has a pretty good privacy policy. Its killer feature is that it can back up and sync your TOTP tokens between devices, so if your phone breaks you're not locked out.

Aug 11, 2019, 02:28 · · Tusky · · ·

**yati** @yati@koyu.space · Aug 11, 2019, 09:07

**yati** @yati@koyu.space · Aug 11, 2019, 09:07

Aug 11, 2019, 09:07

yati @yati@koyu.space

@bthylafh
That is the exact reason I would rather not recommend Authy. You give away your TOTP token to a third party. Don't do that.
I'm using Keepass + KeeOTP plugin, works great. On Android the App Keepass2Android also supports TOTP.
@Xoktz

**bthylafh** @bthylafh@social.privacytools.io · Aug 11, 2019, 13:49

**bthylafh** @bthylafh@social.privacytools.io · Aug 11, 2019, 13:49

Aug 11, 2019, 13:49

bthylafh @bthylafh@social.privacytools.io

@yati @Xoktz@mastodon.host

Fair, but your tokens are password-protected so they presumably can't see them. That's how it works with password managers like Lastpass and Bitwarden; the server sees only the encrypted blob.

**yati** @yati@koyu.space · Aug 11, 2019, 14:37

**yati** @yati@koyu.space · Aug 11, 2019, 14:37

Aug 11, 2019, 14:37

yati @yati@koyu.space

@bthylafh
So, as often, it breaks down to using a strong password (passphrase).

@Xoktz

Resources

Developers

What is Mastodon?

social.privacytools.io

More…