On Tue, 16 Jan 2024 at 00:56, Alvin Starr via talk <talk@gtalug.org> wrote: > google authenticator has a chrome extension you can use. > I use a package called authy that has a desktop version.
For RFC 6238 Timed-based One-time Password (TOTP), which most sites that offer TOTP use, I use the Google Authenticator app on my phone and KeePassXC for PCs. When adding a new site, I set up both at the same time, with the same key/QR code, so they generate the same codes and I can use either to sign in. https://keepassxc.org/ However, if offered, my first choice for 2FA is a physical security key. I have a Google Titan key. https://store.google.com/ca/product/titan_security_key Yubico keys are probably the more popular choice and offer models with more features. https://www.yubico.com/products/ It's more convenient to press a button instead of having to enter a code, even if you can copy and paste the code. Most sites allow you to set up both TOTP and physical key based 2FA, which I do in case I don't have my Titan key with me. There's also the relatively new "passkey" standard for phones, that doesn't require a hardware key or entry of a passcode. I haven't seen much use of this yet. https://fidoalliance.org/passkeys/ -- Scott --- Post to this mailing list talk@gtalug.org Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
