As we all know, Ravio has been removed from the recommended multi-factor authentication apps for iOS on PrivacyGuides.
As I want to export all my TOTP codes out of Ravio ASAP, what apps are you migrating towards? I know a few were mentioned such as:
• Tofu • Ente • 2FAS • FreeOTP • Bitwarden TOTP + Yubikey
Not on iOS but I like my yubikeys. Depending on your requirements (if you have less than 32 TOTP accounts per yubikey), they can handle your TOTP directly instead of just using them to unlock Bitwarden.
For security I don't like to keep my TOTP keys in my password manager, even if it is strongly protected. With a yubikey I can ensure that both access to the key AND a physical touch is necessary to generate any codes. So even if I leave it plugged in on a remotely compromised PC I'm mostly protected, because a touch is required.
I guess why not use the yubikey for webauth instead of totp?
yeah, when sites support it, that's definitely the best option, but many sites only barely do totp lol so I have to have to put the totp codes somewhere, and the yubikey handles it in a pretty nifty way
Gotcha. And I guess what backup method do you use? (Like a second YubiKey, recovery codes somewhere safe, a 2fa app discretely hidden)
mostly recovery codes. I have multiple yubikeys but that's mostly for work