Yubikey on a phone?
Privacy
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
Yes, it's relatively convenient with NFC.
Yep. Just download the Yubico Authenticator app. Your OTPs wont show up unless you tap your physical Yubikey to your phone's NFC chip.
Only downside is, the Yubico Authenticator only allows 32 accounts. So i have my most important accounts on there.
I reccommend ente auth. privacyguides.org added it a while ago.
Any iOS alternatives? Couldn’t find either of these in the App Store.
Bitwarden has been working well for me on iOS. It’s a paid feature though. $10 a year I think
+1, well worth the 10 bucks.
Bitwarden has a 2fa function?i didn't know it. But I don't fully trust online apps for storing passwords though. A server can always be exploited
Bitwarden uses end to end encryption. This severely reduces the risk their infra is attacked. The encryption keys exist on your devices only so it’s impossible to read the server side data.
The only real question is how much you trust Bitwarden as a company. Are they completely lying about E2EE to customers and auditors? If not, then Bitwarden is a good choice.
Oh and ya, it’s has a one time passcode function. Works great! It will even autofill into OTP fields… sometimes 🙂
Yeah, FreeOTP exports are broken. Can't import them back to FreeOTP, can't import them to another application. I've spent 2 hours writing a script to decrypt the export manually, the resulting codes are not accepted anywhere probably because ciphers are not written to the file properly. I've been going around restoring accounts for the past month. Fuck FreeOTP.