Aegis
two-factor-auth
Our great sponsors
Aegis | two-factor-auth | |
---|---|---|
297 | 1 | |
8,002 | 298 | |
10.1% | - | |
8.6 | 0.0 | |
6 days ago | over 1 year ago | |
Java | Java | |
GNU General Public License v3.0 only | ISC License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Aegis
- Degoogling in 2024
- Aegis v3.0 – a free, secure and open source 2FA app for Android
-
End of Life for Twilio Authy Desktop App
For 1Password I use a Yubikey, but for 2FA in general, I have a backup phone running Aegis[1].
[1] https://getaegis.app/
-
Are there good alternatives to Google for 2FA?
Bottom line is, why in the world would you use a mysterious closed source app when there are better options out there? 2FAS is one of the better ones. Aegis Authenticator is another good choice for Android devices.
-
Amazon Account with unauthorised purchases, did my google passwords get leaked
You can enable 2fa with amazon I suggest you do that with a 2fa app like aegis, that will greatly increase the security of your account and require the 2fa code to login to your account.
-
PSA: Some Pixel owners still can't dial 911 during an emergency
Aegis Authenticator has been a lifesaver for me: https://getaegis.app/
-
Ask HN: How do you deal with TOTP 2-factor auth?
I use Aegis[1] on mobile and OTPClient[2] on my computer, both are regularly backed up on change.
I do not use the TOTP feature in my password manager (though I can split it to new DB in keepassXC) as feel it will defeat the purpose of 2FA.
[1] https://github.com/beemdevelopment/Aegis
-
All my Open Source App Alternatives
Google Authentificator → Aegis
- Offline Device to backup MFA seeds
- Ist sonst noch jemand genervt von diesen Authenticator-Apps von Microsoft und Google?
two-factor-auth
-
How does Google Authenticator work?
It's really easy to integrate into websites as well. I did so a few years ago. The TOTP algorithm is just a few lines of code. I adapted this implementation https://github.com/j256/two-factor-auth at the time. There are similar libraries available for lots of languages.
You need a library like that and a way to convert an otp:// url into a QR code, for which there are many libaries as well. The rest is just implementing a sane UX around this. Storing the user's TOTP secret server side is a bit tricky. I suspect a plain text field in a database is quite common for this; which of course would be disastrous if that database were ever stolen. Secret stores don't scale for this as they tend to be designed for just a handful of secrets. We ended up encrypting these totp secrets using a key from our secret store.
What are some alternatives?
andOTP - [Unmaintained] Open source two-factor authentication for Android
pass-otp - A pass extension for managing one-time-password (OTP) tokens
google-authenticator - Open source version of Google Authenticator (except the Android app)
ios-application - A native, lightweight and secure one-time-password (OTP) client built for iOS; Raivo OTP!
AuthenticatorPro - 📱 Two-Factor Authentication (2FA) client for Android + Wear OS
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
pyotp - Python One-Time Password Library
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
strongbox - A secret manager for AWS