twofactorauth
Bitwarden
twofactorauth | Bitwarden | |
---|---|---|
12 | 1,057 | |
3,340 | 14,401 | |
0.5% | 1.4% | |
9.4 | 9.8 | |
8 days ago | 5 days ago | |
Ruby | C# | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
twofactorauth
-
Find which accounts could support 2FA
FYI: Sites that provide 2FA may or may not be listed in https://github.com/2factorauth/twofactorauth
-
All your SMS are belong to us
Using the 2fa.directory as a start, I recently went searching for banks that specifically support MFA via hardware or software tokens. Almost all are non-US based which shows how far behind the US financial industry is w/r MFA. I found one, First Tech Federal Credit Union, which supports software tokens using the Entrust IdentityGuard app. They support business and personal accounts and you can apply online.
- The twofactorauth[.]org site has been taken over
- Ask HN: What Happened to Twofactorauth.org?
-
Best site that provided a list of sites with two factor authentication (2FA) support
Further information that the domain was sold by one of the contributors due to a dispute - https://github.com/2factorauth/twofactorauth/issues/5238
-
Where did the list of 2FA websites go? I cannot find it anymore
See: The twofactorauth[.]org site has been taken over #5238
-
Daily Fi Discussion Thread Wednesday February 17
That said, where possible, 2FA should not rely on a phone number. SMS and Voice are unauthenticated and unencrypted. It's easy and cheap enough to setup a stingray to grab all text messages in an area, and SIM swap attacks are also typically pretty easy (difficulty varies by provider from incredibly simple to might require calling back a few times to get the right rep). Switch to an authenticator app for anything that supports it (https://twofactorauth.org/).
-
Is 2FA too risky?
I backup my seed data every account that has 2FA/MFA support (see https://twofactorauth.org/) into Keepass. It's fairly simple to do. I use a program like Windows' Snipping Tool to capture the QR code displayed by the new 2FA-based service and I save the file as an attachment into my Keepass on the password entry for the 2FA-based service. I also use a QR code reader that deciphers the QR code and then I save that URI string into Keepass as well, extracting the TOTP seed data and also using the KeePassOTP or other KeePass plug-in to allow me to generate TOTP codes directly from my Keepass vault files on either my PC or Android devices.
-
Security Reminder to turn on MFA and use strong passwords on your accounts
Also https://twofactorauth.org/ to check which of your sites have it as an option.
-
10 SIM Swappers Arrested for Stealing $100M in Crypto from Celebrities
It's absolutely unacceptable. A visit to https://twofactorauth.org/ will quickly either dash or build your hopes for the future of online security, depending entirely on what country you live in.
Bitwarden
-
Essential Tools & Technologies for New Developers
Bitwarden
-
Ask HN: Why does Bitwarden not comment their code?
I was looking through the Bitwarden server repository (https://github.com/bitwarden/server ) and was surprised to see that no comments (xml or otherwise) were availible.
Is this normal in an entreprise setting? I thought it was standard to comment every public member (Visual Studio warnings).
- Bitwarden
- End of Life for Twilio Authy Desktop App
-
What program(s) do you use to remember passwords, including crypto?
For passwords and 2FA I use Bitwarden in combination with a self-hosted Vaultwarden service (for imcreased security and use of pro features for free).
- Ezt az üzenetet kaptam ma a Simple-től!!
-
Amazon Account with unauthorised purchases, did my google passwords get leaked
First it's good to use a password manager, however it's not a good idea to use the one built into your browser. I would suggest switching to BitWarden or similar (not LastPass).
-
Did I mess up?
I just noticed today when relogging in on Bitwarden (I couldn't sync my vault) that it said "Logged in as [email] on __$2__" instead of "Logged in as [email] on bitwarden.com". I don't know why or how that happened, and I have no idea what it means. Did I screw up somehow? Just to be clear, I did login and just after I logged in my brain realized that it said "__$2__" instead of what it should say.
-
Bitwarden Self-hosted not updating to 2023.12.0
bitwarden:~$ sudo ./bitwarden.sh updateself _ _ _ _ | |__ (_) |___ ____ _ _ __ __| | ___ _ __ | '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \ | |_) | | |_ \ V V / (_| | | | (_| | __/ | | | |_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_| Open source password management solutions Copyright 2015-2023, 8bit Solutions LLC https://bitwarden.com, https://github.com/bitwarden =================================================== bitwarden.sh version 2023.10.3 Docker version 24.0.7, build afdd53b Docker Compose version v2.21.0 Updated self. bitwarden:~$ sudo ./bitwarden.sh update _ _ _ _ | |__ (_) |___ ____ _ _ __ __| | ___ _ __ | '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \ | |_) | | |_ \ V V / (_| | | | (_| | __/ | | | |_.__/|_|\__| \_/\_/ \__,_|_| \__,_|\___|_| |_| Open source password management solutions Copyright 2015-2023, 8bit Solutions LLC https://bitwarden.com, https://github.com/bitwarden =================================================== bitwarden.sh version 2023.10.3 Docker version 24.0.7, build afdd53b Docker Compose version v2.21.0 Update not needed bitwarden:~$
-
⟳ 0 apps added, 1 updated at mobileapp.bitwarden.com
Bitwarden (version 8588): A secure and free password manager for all of your devices.
What are some alternatives?
KeePassOTP - Add OTP support (two factor authentication) to KeePass
vaultwarden - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
authelia - The Single Sign-On Multi-Factor portal for web apps
Passbolt - Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!
twofactorauth - List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software. [Moved to: https://github.com/2factorauth/twofactorauth]
sysPass - Systems Password Manager
awesome-runners - A curated list of awesome self-hosted GitHub Action runners in a large comparison matrix
Teampass - Collaborative Passwords Manager
TwoFactorAuth.Net - .Net library for Two Factor Authentication (TFA / 2FA)
Padloc - A modern, open source password manager for individuals and teams.
PatternFly - This repo contains core (HTML/CSS) implementation for PatternFly. Issues related to CSS/HTML and layout should be filed here.
bitwarden_rs - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs [Moved to: https://github.com/dani-garcia/vaultwarden]