Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
On Android, andOTP is good.
It is open source, maintained, easy to use, can do backups and re-present the QR code so you can easily scan it with another device.
https://github.com/andOTP/andOTP
The most common solution is one-time-use backup codes that most services give you when enrolling. Hopefully you saved them somewhere safe!
The main issue is Google Authenticator and how popular it is. As GP noticed, it doesn't flag the files as being allowed for backup which is kind of ridiculous. Almost anything is better, https://getaegis.app/ is my recommendation.
You can also manually backup your seed (screenshot / save the QR code during enrollment).
One common 2FA method is TOTP (time-based, one time password). Bitwarden [0] is a password/secrets manager that you can host yourself. It supports TOTP so you can just use that instead of a separate app like Google Authenticator or Authy. I would not recommend this personally as if you expose your master password for bitwarden, you've also made it possible for the attacker to sign in via 2FA... which normally would require access to your phone or backup keys. But it is more convenient.
Basically, people should be using password managers by this point. I recommend bitwarden because you can host it yourself, it's good for storing other secrets, and it has browser plugins/apps.
[0]: https://bitwarden.com/
TOTP support is free if you selfhost it, e.g. with Vaultwarden [0].
0: https://github.com/dani-garcia/vaultwarden
You can use https://authenticator.cc/ with Chrome or Firefox. There are many other TOTP generators for desktop. No need for Google Authenticator.