FOSS enthusiast and anime fan.

PS: I am more active on my Lemmy account; DM me there.

Joined 2 years ago
Cake day: June 24th, 2023

  • For many TOTP may be a good option; but my experience with TOTP has been less than subpar.

    Initially I did use TOTP like you’re supposed to; but after my last phone died I had to set up TOTP on the accounts that used it *after* getting into them without it using backup codes.
    This led me to put the TOTP stuff inside my KeePass vault (as KeePassXC supports TOTP) which is backed up (unlike most TOTP solutions I’ve used).
    The problem now is that my 2FA keys are stored in the same location as my passwords… (not that I’m worried about someone breaking the vault; but this is *not* how 2FA is supposed to work).

    Additionally I have some other issues with TOTP that make it far from ideal for me and hardware keys seem to be a good fit to solve my issues with TOTP.


  • Let’s *NOT* go that route.

    I’m very much looking for a hardware key to avoid biometrics (I can have a field day expressing my opinions on those; but in general they tend to be the weakest MFA factor and most have known working bypasses based on photos).
    This leans a little too close to that for me to consider, let alone all of the things you have to consider when putting implants in your body.


  • I don’t have a key yet (which is why I’m asking) and I definitely want it in combination with passwords (they can take the key using force; but they can’t take thoughts out of my head just yet).

    As for Android apps not working with the YubiKey: try giving KeePassDX a shot; I got it from F-Droid and it does give me a hardware key field with the option to autofill with “Yubikey challenge-response”.