![]() I recommend Aegis (Android) or Raivo (iOS). Both options provide an additional layer of security, but a hardware key is generally considered to be more secure.įor what 2FA app to use, I (and almost every privacy advocate IMO) don’t recommend using Google Authenticator/Closed-source authenticator apps. Ultimately, the choice between using an offline 2FA app on a smartphone and a hardware key depends on your personal preference and risk tolerance. Just make sure to keep the old smartphone in a secure location and take care not to lose it. It gets a higher rating on the Google Play store than any other authenticator app included here (4.8. Durable and reliable: High quality design and resistant to tampering, water, and crushing. Aegis Authenticator is a free and open-source option for Android users. ![]() However, if you take precautions like installing the app on an old smartphone that’s not connected to any accounts, it can certainly be a practical solution. Multi-protocol: YubiKey 5 Series is the most versatile security key supporting multiple authentication protocols including FIDO2/WebAuthn (hardware bound passkey), FIDO U2F, Yubico OTP, OATH-TOTP, OATH-HOTP, Smart card (PIV) and OpenPGP. While it can still provide an additional layer of security, it’s not as secure as a hardware key. In contrast, an offline 2FA app on a smartphone generates the code within the app itself. When using OATH with a YubiKey on desktops or mobile devices, the shared secrets are stored and processed in the YubiKey’s secure element. This means that even if someone steals your password, they wouldn’t be able to access your account without also having the physical key. Use OATH with the YubiKey OATH is an organization that specifies two open authentication standards: TOTP and HOTP. ![]() In terms of whether an offline 2FA app on a smartphone can provide the same security as a hardware 2FA key like YubiKey, it’s important to understand the differences between the two.Ī hardware 2FA key like YubiKey is a physical device that generates a unique code for each authentication request. ![]() It’s great that you’re thinking about security when it comes to using 2FA. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |