That’s only if your google account is compromised right? nostr:npub1f6ugxyxkknket3kkdgu4k0fu74vmshawermkj8d06sz6jts9t4kslazcka
Discussion
No. Google Authenticator Cloud Sync is still not end-to-end encrypted. So even Google could potentially access a user's 2fa codes.
Are you using google authenticator? Why not Aegis + Syncthing?
I purposely went with google Authenticator because of the syncing feature. I didn’t want to be locked out if I lost my phone.
Also because I have never heard of Syncthing before
Gotcha. It's good stuff.
https://www.privacyguides.org/en/file-sharing/#syncthing-p2p
Another way is to have a old phone and backup your code or print the qr backup code and put it in a safe.
Just use Syncthing to backup your local Aegis folder to othet devices, then you can use your favorite e2ee app or system that syncs these files to your server or secure cloud storage like proton drive etc.
You can get the Android app on their site from F-Droid (I recommend F-Droid Basic if you decide to go that route--it has unattended updates) or better yet get it straight from github here:
I have a iPhone 🤣
Oof 😖
No mobile shaming, but seriously...Pixel + GrapheneOS is the way to go for usable mobile privacy and security. Maybe check it out for your next device :)
Do you use Proton Drive? They have an iOS app
I switched to iPhone after Apple refused to help the FBI crack open a terrorists iPhone
I was once an Apple user, so I get it. Unfortunately Apple have so many other issues though, not the least of which are the multiple VPN bypass vulnerabilities they still haven't patched on iOS since 2020.
That would be the fourth generation iPhone. First phone FBI claimed could not be cracked unless Apple helped them. Then a hacker guy I knew of cracked that very model.
I used it first on iPhone Authy and now 2FAS Auth which I think is the closest thing to Aegis or is there any better?
What's your opinion on the new Bitwarden Authenticator standalone app which is available for Android and iOS?
SOB. This is why we can’t have nice things
What about 1Password and Authy?