KeePassOTP
twofactorauth
KeePassOTP | twofactorauth | |
---|---|---|
2 | 12 | |
353 | 3,342 | |
- | 0.5% | |
6.1 | 9.4 | |
3 months ago | 5 days ago | |
C# | Ruby | |
GNU General Public License v3.0 only | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
KeePassOTP
-
A message from All Tabs Helper add-on developer
I don't think you have to reveal any information for two factor to work. All you need is a bit of software that can generate TOTP codes. FreeOTP, for example. You don't even need a mobile device if you don't want to: on windows, KeePass can do it (more easily with KeePassOTP or TwoFactorQrCodeReader)
-
Best site that provided a list of sites with two factor authentication (2FA) support
More coroboration that the domain was sold - https://github.com/Rookiestyle/KeePassOTP/releases/tag/v0.26
twofactorauth
-
Find which accounts could support 2FA
FYI: Sites that provide 2FA may or may not be listed in https://github.com/2factorauth/twofactorauth
-
All your SMS are belong to us
Using the 2fa.directory as a start, I recently went searching for banks that specifically support MFA via hardware or software tokens. Almost all are non-US based which shows how far behind the US financial industry is w/r MFA. I found one, First Tech Federal Credit Union, which supports software tokens using the Entrust IdentityGuard app. They support business and personal accounts and you can apply online.
- The twofactorauth[.]org site has been taken over
- Ask HN: What Happened to Twofactorauth.org?
-
Best site that provided a list of sites with two factor authentication (2FA) support
Further information that the domain was sold by one of the contributors due to a dispute - https://github.com/2factorauth/twofactorauth/issues/5238
-
Where did the list of 2FA websites go? I cannot find it anymore
See: The twofactorauth[.]org site has been taken over #5238
-
Daily Fi Discussion Thread Wednesday February 17
That said, where possible, 2FA should not rely on a phone number. SMS and Voice are unauthenticated and unencrypted. It's easy and cheap enough to setup a stingray to grab all text messages in an area, and SIM swap attacks are also typically pretty easy (difficulty varies by provider from incredibly simple to might require calling back a few times to get the right rep). Switch to an authenticator app for anything that supports it (https://twofactorauth.org/).
-
Is 2FA too risky?
I backup my seed data every account that has 2FA/MFA support (see https://twofactorauth.org/) into Keepass. It's fairly simple to do. I use a program like Windows' Snipping Tool to capture the QR code displayed by the new 2FA-based service and I save the file as an attachment into my Keepass on the password entry for the 2FA-based service. I also use a QR code reader that deciphers the QR code and then I save that URI string into Keepass as well, extracting the TOTP seed data and also using the KeePassOTP or other KeePass plug-in to allow me to generate TOTP codes directly from my Keepass vault files on either my PC or Android devices.
-
Security Reminder to turn on MFA and use strong passwords on your accounts
Also https://twofactorauth.org/ to check which of your sites have it as an option.
-
10 SIM Swappers Arrested for Stealing $100M in Crypto from Celebrities
It's absolutely unacceptable. A visit to https://twofactorauth.org/ will quickly either dash or build your hopes for the future of online security, depending entirely on what country you live in.
What are some alternatives?
KeeTrayTOTP - Tray TOTP Plugin for KeePass2.
authelia - The Single Sign-On Multi-Factor portal for web apps
KeePassWinHello - Quick unlock KeePass 2 database using biometrics with Windows Hello
twofactorauth - List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software. [Moved to: https://github.com/2factorauth/twofactorauth]
keepassrpc - The KeePassRPC plugin that needs to be installed inside KeePass in order for Kee to be able to connect your browser to your passwords
awesome-runners - A curated list of awesome self-hosted GitHub Action runners in a large comparison matrix
pass-otp - A pass extension for managing one-time-password (OTP) tokens
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
HIBPOfflineCheck - Keepass plugin that performs offline and online checks against HaveIBeenPwned passwords
TwoFactorAuth.Net - .Net library for Two Factor Authentication (TFA / 2FA)