As we all know, Ravio has been removed from the recommended multi-factor authentication apps for iOS on PrivacyGuides.
As I want to export all my TOTP codes out of Ravio ASAP, what apps are you migrating towards? I know a few were mentioned such as:
• Tofu • Ente • 2FAS • FreeOTP • Bitwarden TOTP + Yubikey
The built in password manager and keychain can handle OTP since a few versions back.
I’m a fan of OTP Auth.
It’s been reliable, supports local and cloud backup / exporting, is simplistic in use and has a strong privacy policy.
You could always make a kdbx file for all of your totp seeds only and use an editor for ios, like keepassium or strongbox.
I use Bitwarden for everything, including my totp codes. I should probably use a separate app solely for Bitwarden’s totp code, but the danger of losing it all gives me such a rush!
You can write down your Bitwarden 2FA recovery codes and keep multiple copies of them in safe and private places
Apple Keychain OTP
I use Authy. It has Apple Watch app for quick access.
I have been using Authy as well. Works great in an apple ecosystem too.
Allows a quick copy from your phone to paste into computer browser when prompted for super easy usage.
Fan of OTP Auth
I am undecided btw 2FAS and Ente. 2FAS has an excellent UI, but there is no desktop app. Ente requires an account, but it’s not a problem considering that everything is E2EE and it’s a company with good reputation.
I’m currently enjoying ProtonPass’ built-in 2FA. You gotta be on a paid plan, however, but it’s worth it imo.
Where are you keeping the 2FA code for your proton account? (Supposing you have it set up)
I keep that one in my iCloud keychain just out of convenience
So I’m not on iOS but… the websites I need to use for various work things all require that you use a specific authenticator. But they all choose a different random one. It drives me insane. I have 4 different apps. Google Authenticator, Authy, Duo Mobile, and Onelogin Protect. I pray I change jobs before I get a new phone.
Oh that’s interesting. I know for my work, it says to use Google Authenticator, but I am still able to sign up with any app of my choice.
I realize there are exceptions to this, and you might fall into that category, but…
Most of the time when websites say they require a particular app, they actually don’t. Like if a website says to use Google Authenticator, you can actually use any TOTP app. There is even a workaround for using Steam’s TOTP without their app.
Don’t be scared to just try importing the QR or text based code into another app when you are signing up for a service. A functioning website won’t let you progress to the next screen without having the proper code in your app.
I’m currently in the process of switching to 2fas. It seemed the best available alternative for me.
I switched to 2FAS.
You can’t export from FreeOTP. Ente doesn’t appear to be open source. Tofu is an option but I’m afraid it might not be maintained.
Edit: Use Ente. It’s the best option.
Tofu is an option but I’m afraid it might not be maintained.
They made an annoucement 2 weeks ago about switching maintainer.
https://github.com/iKenndac/Tofu
2FAS
They only support iOS/iPadOS 16.4 or later… no go for me
You can export from freeOTP+ Its great. You can back up to another password manager by simply copying the shared secret also. But I don’t think it’s available for iOS. Oh well, if you want more freedom and privacy, you’ll have to move to android.
Ente Auth seems open source: https://github.com/ente-io/auth
But the need for account is trowing me off a little bit. I’ll give a try to 2FAS as well.
From ente Authenticator launch blog post, they do state it is open-source.
I’ll be using BitWarden as my 2FA app. I use KeePass as my password manager so it would still be two different services/apps.
I was planning on using Tofu but it has no FaceID which is mandatory IMO.
Edit: After digging into 2FAS, I think it is now my top choice. Seems like more of a drop in replacement for Raivo. https://2fas.com/
My second choice is (as of this edit) Owky. I’ve not seen anyone talking about it, but it’s FOSS and has the ability to export your TOTP codes.
Im a little worried about it not being maintained though, since it’s a single developer.
https://apps.apple.com/us/app/owky-two-factor-authenticator/id1602245257
Other options I’ve considered:
Tofu Authenticator. Unfortunately it’s basic though and lacks the ability to export.
ente Authenticator. Account required, and I’m a little undecided on the company. Might be a serious option though.
OTP Auth
