NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: OAUTH TOTP



Benny Siegert <bsiegert%gmail.com@localhost> writes:

> The cheapest way to have TOTP is to install Google Authenticator on
> your phone.

Be careful when you choose a TOTP program that you are able to back up
the seeds yourself, and that the program does not send the seeds to the
cloud not adequately protected in the name of cross-device syncing.
Last I heard Google Authenticator was not ok, but maybe that has changed
and it is now impossible to sync without e2e encryption inaccessible to
google.

> Hopefully, you can use proper Security Keys too (WebAuthn and
> whatnot), in which case I highly recommend a Yubikey.

I also recommend yubikeys.


Home | Main Index | Thread Index | Old Index