Ask HN: Is Google phasing out Authenticator/TOTP?

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
OTP Totp Hotp Android two-factor-authentication

WorkOS - The modern identity platform for B2B SaaS
The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
workos.com
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

  • Aegis

    A free, secure and open source app for Android to manage your 2-step verification tokens.

    • Just FYI, it's possible to backup your codes on Android using Aegis too. No root needed.

    https://github.com/beemdevelopment/Aegis

  • rust-u2f

    U2F security token emulator written in Rust

    • As it becomes easier to emulate hardware tokens[1], Google may start limiting which ones it accepts. I believe they can use attestation keys to do that.

    This is just a softer layer of security to slow down less sophisticated mass signup attempts.

    They may very well eventually phase out TOTP, under the justification that it is not as secure, but I would be shocked if they ever retire the highly insecure SMS verification.

    TOTP is really easy to implement, and adds a ton of value. I have a oneliner that takes a screenshot, extracts the QR code with zbarimg, and adds it to my pass[2] password database, which then hooks back into my browser. I use it whenever it is available because it is so low effort.

    [1]: https://github.com/danstiner/rust-u2f

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • pass-import

    A pass extension for importing data from most existing password managers

  • andOTP

    Discontinued [Unmaintained] Open source two-factor authentication for Android

    • I use andOTP[1] installed via f-droid. You can easily get a backup file with your codes.

    [1] https://github.com/andOTP/andOTP

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • what is the best OTP auth tool in 2023?

    4 projects | /r/fossdroid | 9 Mar 2023

  • Almost did the biggest blunder

    3 projects | /r/Bitwarden | 19 Apr 2022

  • andOTP disappeared?

    3 projects | /r/PrivacyGuides | 18 Feb 2022

  • My 2FA app stopped working and now I can't login to RED

    2 projects | /r/trackers | 7 Dec 2021

  • If you are using 2 Factor Authentication, don't make the same stupid mistake I did! Important if you plan to switch/upgrade your phone

    2 projects | /r/CryptoCurrency | 28 Oct 2021