"Whenever you can, share. You never know who all will be able to see far away standing upon your shoulders!"
I write mainly on topics related to science and technology.
Sometimes, I create tools and animation.
You can quickly go The Verdict if you want, or read below for a full explanation.
2FA is almost ubiquitous now. Most big user-facing websites that need to do user management and authentication have either enforced it or they have it in the cards.
While the additional security 2-factor authentication brings to the table, along with the fact that it mostly disposes of the need of security questions, unquestionably makes it unavoidable.
One may not find anything bad or undesired about it, except someone nit-picky like me.
I have the following two issues with it.
This article is about working around the two issues mentioned above.
We'll see how, with a little diligence, we can have the peace of mind of not having to depend on a specific device or app, and of not worrying about what happens if we lose it.
Let's start with the first issue above. In general, these days, it is a non-issue.
We log in to our accounts either on our phone itself, or on our laptop/PC with our phone by our side.
On top of that, we can have trusted devices - devices on which we do not need to enter the security code repeatedly (for a given account).
All good, correct?
Except, it's not when I am primarily a laptop/PC person (i.e. I like to do most of my serious work on PCs) and I do mind having a break in my chain of thought and work flow that is introduced by having to leave the keyboard and mouse, find and pick up my phone, go to the authenticator app, unlock it, scroll to the respective account, remember and manually feed the code on my laptop!
The problem mentioned above has a not-so-difficult solution - there are authenticator apps out there that you can install on your laptop/PC, and that will save you the trouble of reaching out to your phone.
If you ask me, for such an app to be useful, I would need it to be:
For Windows, such an app is WinAuth.
Please do me a favor and let me know of a similar app for Linux 🙏.
Ok, with WinAuth we can get security codes right from our Laptop/PC.
But we need something for mobiles as well.
There are not many open-source authenticator apps, but out of the ones available, I propose FreeOTP for its sheer simplicity!
It does one and only one thing - generating authentication codes - no password management or those sort of things.
Now, you may think that at least export or cloud-backup features would have been nice - for making the configured accounts portable, eh?
But almost all apps I've looked into are useless in terms of portability in spite of having these features! Examples below.
Microsoft Authenticator, like most other authenticator apps, gives the option of cloud backup. But the caveats are these:
Google Authenticator is the only app I've come across that provides an option of exporting the accounts in the form of QR codes, but again... Houston, we have a problem! These QR codes can be imported (read) ONLY by the Google Authenticator app! This is what I meant when I used the term freely importable above.
Further, by having the option of exporting the accounts in the form of only QRs, and not in (password protected or not) text format that can be used later, we need both the old and the new devices together while doing the import (unless you care about taking screenshots of each QR).
This becomes problematic, e.g. if we lost our old phone, or we did not care to import the accounts into the new phone before getting rid of the old phone.
So, with both cloud backup and exporting features being useless with most of the apps anyway, it is Ok for FreeOTP to not have these at all! Especially when we are already using WinAuth on our laptop/PC that has all these features. With WinAuth, you can:
Read The Verdict for a final summary.
For each new account you need to set up,
Once in a while, remember to take backup of your accounts in WinAuth, preferably in the form of password protected .zip file, and save it to a cloud of your choice!
And then, you need not worry about setting up the accounts from scratch again in case you:
Should such a need arise:
Finally, if you liked these apps, do not forget to show your appreciation to their creators in the form of donation or whatever other way you like!