I use a second password manager and a backup Yubikey as my own solution. The Bitwarden authenticator generates six-digit time-based one-time passwords (TOTPs) using SHA-1 and rotates them every 30 seconds. Another route can be to use a Yubikey or have a backup phone running the same TOTP with Google authenticator. Dashlane’s free option works great for that and the fact that it can only be used on 1 device might be a security feature in this case You could also use LastPass’ Authenticator app and have it backed up via a linked free LastPass account. (2) I’d simply use a second password manager that can store TOTPs. In general I do not like security features that tie themselves to a phone number. But a 2FA that advertises the ability to be logged in via a browser extension, desktop app, and mobile apps adds a lot of unnecessary attack vectors and thanks to human nature users might login via all of them for convenience. As far as I know they are not in any form competing in the password manager space. Autofill stores your passwords under your Microsoft account. Autofill and sync your passwords across mobile, Microsoft Edge and Google Chrome. Both TOTP and Push notifications can be configured with AzureAD via Sign in to your account Authenticator App I want to use a different authenticator app Can’t scan image copy the secret key and paste it on the Bitwarden app. Why does Bitwarden and 1Password recommend Authy? Probably because it’s not bad in terms of security and because it is forgiving in terms of cloud backup and recovery options. Autofill is currently being rolled out on iOS and Android as part of the Microsoft Authenticator app, and on Google Chrome as an Autofill extension. yes, it defaults to the Microsoft Authenticator app to configure Push notifications.
0 Comments
Leave a Reply. |