What’s your prefer two-factor authentication app for iOS?
I’m looking for an app that offers the best combination of platform compatibility (preferably available on Mac OS, iPad OS, and iOS), security, usability, and reliability.
It would be great if the app is open source and has a backup feature as well.
I came across a recent Wirecutter article from The New York Timesthat recommends Cisco DUO Mobile as the top choice, followed by Authy and Google Authenticator.
I would greatly appreciate your insights and security perspectives.
Thank you
I use the totp generator included in Bitwarden. It would be more secure to have codes and passwords in different apps, but in Bitwardens case I don’t have a too bad feeling about it.
Never had trouble with Authy. Use it on iOS and android, and it’s straightforward and reliable, including when switching/setting up new devices.
That being said, no app can save you if you don’t have paper backups of those we codes. Stash em in your safe.
I’ve been using the one in 1Password. The main downside is it’s annoying to add a otp into the app if you can’t scan the QR code. I did most of my websites with my iPad and my phone.
Using 1Password kinda defeats the purpose of 2FA though. If someone steals your one password, they can access all of your passwords and your authenticator.
They‘d have to steal your master password and a 2FA code.
That’s if you’ve gone through the steps of setting up 2FA for 1Password as well, and at that point you either need another app or access to a text
I do have an app set up just for 1Password 2fa. Also, when you sign into a new device with 1Password you need:
The password 2fa code Additional “Secret Key” that is account specific that you can only get by logging into 1Password from a trusted device and “adding new device”
At that point, if they get in, they either really want my info or I’m being held at gunpoint.
deleted by creator
Cisco Duo Mobile is nobodies top choice, anywhere lol.
1Password, Last Pass and Apple’s own iCloud Keychain are probably the best of the bunch.
Here a good curated list: https://www.imore.com/best-password-manager-apps-iphone
Unless you are a bank or credit union. Then you just love duo for some reason.
I’m using Raivo. It’s open source, supports iCloud sync (useful if you have multiple devices) and allows you to export and import the keys which is handy if you need to change your device and you don’t use iCloud synchronization.
You can also set custom icons for the tokens to easily identity different services.
I switched from mattrubin/Authenticator which worked fine too but the development slowed down. Not that simple OTP would require constant development. I just wanted to make sure that the app would work even if Apple releases new major iOS version.
Raivo has worked without any issues and I can highly recommend it 👍
Bitwarden Pro
The built in one in Settings > Passwords. Automatically autofills in the field. Passkeys are the only thing that’s easier.
I have used Duo for work for the past 5 years. I have never had any issues.
I use Tofu. It does exactly what it should and nothing more.
I use tofu too
Just so you know it’s also an iOS / iPadOS/ Mac system feature if you use safari no need for an app. Just open the password manager and add the otp code. Syncs with iCloud on all your devices.
Ah didn’t know that. The phone is the only Apple device I use so there’s probably a heap of tips and tricks I’m in the dark about.
I like ente Auth. It shows you the next code too just in case the current is about to expire
SAAS Pass.
I like that it backs up to iCloud.
Native iOS auth/OTP Integration in passwords. No need for an additional app. It’s backed up in iCloud via keychain.
2FAS or raivo
I use Google Authenticator, but as I am not in favor of big tech I am very open to using another option.
Google Authenticator is good. The only downside can be keeping multiple phones so you have a backup. I don’t know if there’s something similar on iOS but on Android Aegis is an open source alternative that is compatible with Google Authenticator and lets you locally export your codes
Google authenticator now backs up
Locally to a file?
No to your Google account
deleted by creator
deleted by creator