**bthylafh** @bthylafh@social.privacytools.io · Aug 11, 2019, 02:28

**bthylafh** @bthylafh@social.privacytools.io · Aug 11, 2019, 02:28

bthylafh @bthylafh@social.privacytools.io

Aug 11, 2019, 02:28

bthylafh @bthylafh@social.privacytools.io

@Xoktz@mastodon.host
Authy has a pretty good privacy policy. Its killer feature is that it can back up and sync your TOTP tokens between devices, so if your phone breaks you're not locked out.

**yati** @yati@koyu.space · Aug 11, 2019, 09:07

**yati** @yati@koyu.space · Aug 11, 2019, 09:07

Aug 11, 2019, 09:07

yati @yati@koyu.space

@bthylafh
That is the exact reason I would rather not recommend Authy. You give away your TOTP token to a third party. Don't do that.
I'm using Keepass + KeeOTP plugin, works great. On Android the App Keepass2Android also supports TOTP.
@Xoktz

**bthylafh** @bthylafh@social.privacytools.io · 2019-08-11T13:49:54Z

bthylafh @bthylafh@social.privacytools.io

@yati @Xoktz@mastodon.host

Fair, but your tokens are password-protected so they presumably can't see them. That's how it works with password managers like Lastpass and Bitwarden; the server sees only the encrypted blob.

Aug 11, 2019, 13:49 · · Tusky · · ·

**yati** @yati@koyu.space · Aug 11, 2019, 14:37

**yati** @yati@koyu.space · Aug 11, 2019, 14:37

Aug 11, 2019, 14:37

yati @yati@koyu.space

@bthylafh
So, as often, it breaks down to using a strong password (passphrase).

@Xoktz

Resources

Developers

What is Mastodon?

social.privacytools.io

More…