Don’t use Google Authenticator to store 2FA codes or Google Browser to store passwords or passkeys.

Keep your secrets off Google products because those are synced and accessible in the cloud anywhere in the world.

In the unfortunate event that hackers compromise your Google account they will have access to everything they need to digitally become you.

If Google bans your account your digital identity is pretty much gone with it too.

Convenience is the enemy of security.


Discussion

Let’s go Passport Prime!

Came here to post this!!

Uuuu I want one

Secure your entire digital life. Offline. Great advice 🧡

https://foundation.xyz/passport-prime/

What’s a good alternative to Google Authenticator?

I’m using Ente Auth right now, works like a charm.

Bitwarden, KeePassXC

Authy is good

Authy is a pain to migrate away from, be advised.

Why would one even move away? Has been working great for years now.

I moved because they EOLed the desktop app.

OK, valid point.

I'm neither pro nor against it, will use something else eventually.

Security keys for life.

Though I am fed up with Yubikey

What's your dissatisfaction with Yubikeys?

because why use them when you can make your own with custom firmware?

I don't have the capability of manufacturing such a device in the same form factor, nor of developing or supporting the software and support infrastructure.

you asked why *I* don’t like them 😆

Fair enough, it just seems like a huge burden to take on when you can buy a pair of Yubikeys for $100 and then be done with it.

and probably will turn it into a mass produced product if I make it. so there’s that too

You can also grow your own food. What's keeping you.

Something solved a year ago without reported incidents to users.

Might as well not even use phones at all. I'm sticking with Authy, works great across multiple devices.

When you know something better and equivalent in features, do mention.

What 2FA would you recommend?

I think it's OK for Google Services & random non-important* quick logins, just to skip wasting time on long account setup steps.

*=>redo account if turns out important, later

Yubikey Authenticator is decent

works with yubikey only

I like Aegis for 2FA =3

And convenience is also the death of privacy

Google Authenticator can be used without cloud sync

It took longer than I thought, but it's done now. 🤙


Use Google Authenticator, just don’t sign in with your Google credentials.

They don’t sync if you’re not signed in. That was the lesson after Junseth’s scam call documentary.

I can't believe people still don't know these things

So I think you can opt out of the cloud sync. And you can use the app without your Google account.

Could be wrong though.

💯 I like 2FAS

I use 2FAS, open source and very convenient to use.

I noticed someone suggested Authy in the comments.

Please, don't follow this advice.

Since Authy was bought by Twilio, it suffered a few breaches. This is a major one: https://www.forbes.com/sites/kateoflahertyuk/2024/07/04/authy-warns-33-million-users-update-your-ios-or-android-app-now/

Well, I have a number of Yubikeys that work with Authy. Now all useless??

What authenticator do you suggest?

Ente Auth is good, and I use that a lot.

Raivo and Yubikey/Auth (FIDO2/OTP)

You can use Google Auth. Just don't use it to back up your keys to your Google account.

Hardware key like Jade can do this too. Or something as simple as Proton Pass. Keep your keys separate from all accounts!

Thankfully, this can’t really happen on iOS..

If asked, I would always advise everyone to literally cease using anything that is offered by Google ... including Search, GMail, and their over-rated Authenticator. Furthermore, the only mobile phone worth using is one that has been "De-Googled".

Really the only purpose of my Gmail is for YouTube. Otherwise, nothing on Google side for me.

No good reason to use the cloud, it can be backdoored by the government which can be abused by bad actors. I just use an encrypted tarball and an external SSD for backup!