If proprietary app is better and more robust I am willing to try it and assess it myself.
True true. But the auth apps I’ve seen don’t appear to be secure. So if you lose your phone…
And I don’t like hw key because I’m afraid I’ll lose it.
I have a two layer system in place:
-
I use Aegis, I have automatic encrypted backups, and syncthing to synchronize the backups to my private server. If I need to reconfigure Aegis, I just import the backup.
-
I have 2FA backup codes as encrypted text files, which are also synced to my server with syncthing. I have the encryption/decryption software installed on my phone and windows, so I can use a backup code if I don’t have access to Aegis.
One issue was I had to write my own apps for windows and android for encrypting/decrypting the text files 😃. You can check them on GitHub: https://github.com/mcanyucel/TextCrypt-Windows https://github.com/mcanyucel/textcrypt-android
They use SHA256 with random IV and random salt. No warranties, though 😅
