88
Aegis vs Authy
(lemmy.ml)
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Community icon from opensource.org, but we are not affiliated with them.
I hope you're not also using Bitwarden as your password manager. Having your authenticator and your password manager accessible in the same place, with the same account, completely defeats the point of 2FA.
I am using it as my password manager, and I understand it puts all my eggs in the Bitwarden basket. But I don't think it defeats the purpose of 2FA. For example, someone getting my Google password doesn't mean they have my TOTP needed to get into my Google account, or any other account with 2FA.
It's only as weak as the weakest link. If you're using a strong and unique password as well as a strong 2FA (FIDO2) to access your Bitwarden account then it's an acceptable trade-off.
If you are able to open your password vault from the device you use as a second factor (which you probably do) the whole point is defeated anyways. Multiple apps on the same device won't save you.
But I have Bitwarden setup to need 2fa.
It's passwords all the way down!