TOTP are bad too prone to phising unlike passkeys or fido2 WebAuthn

How about keeping a .APK of Aegis with your .JSON file? Or downloading Aegis from Aurora Store or Droid-ify?

It only works on one device at a time. I miss authy as I could use it on my phone and computer at the same time. It also made recovery and access a lot easier if the phone was lost. I don't get what the problem is with Authy. Lots of software is closed source.

@@OH2023-cj9if I've heard that Authy is problematic. Aegis is good. It's simple to use.

​@@batool.ali1102fas authenticator has a auto cloud sync that's password protected and open source you can easily transfer over to a new phone using that method

@@batool.ali110its simple to use imo but I dont want to use sms or phone to register/activate

Authy is very similar, you cannot transfer your seed codes out of Authy for backup/transfer. Authy requires you to create an online account (with an email and phone # if I remember correctly), and although you can add the Authy app to your laptop/phone to sync codes, you are locked into their ecosystem. When I moved away from Authy and requested my online account to be deleted, it was not instantaneous and it took 30 days for full account deletion to occur. Moving to Aegis has given me comfort that my data sensitive 2FA data is not living in the cloud, and I don’t need to sign up for an online account with my information since Aegis is fully offline. There’s a little extra work to ensure I backup my codes to a USB drive just in case my phone dies. But it takes me 2 minutes per week to plug my drive into my phone and backup every Saturday. Hope this helps!!

@@ThePrivacyWayfinder Super helpful, thank you. I recently lost my phone and with that all of my codes that were stored on Google A :-/ I was able to retrieve most of them because I was still logged on many of the sites on my PC and I could disable 2FA and then re-enable them. Not great, but at least I wasn't permanently locked out. However, there were some sites that I still have to deal with gaining access to (obviously not frequent use, but still a pain). Aegis seems the way to go, I can keep my own encrypted backup and not end up with the same situation that I encountered, and I really dislike apps that make it difficult to leave (export your data/delete your account/info). Thank you for taking time to explain.

The backup I make is to two physical usb drives, not online. The reason why I backup my codes is if my phone dies, I drop it in water, etc, and it doesn’t work, I can just plug my usb drive into my new phone and now I have all of my codes on that new phone. I backup every Saturday just for the habit. I’m also backing up files, my Keepass database, photos, etc., during my Saturday backup schedule as well. So even if I don’t have new aegis codes, I just habitually backup everything up since I have other things to backup anyways. But no, keys do not expire. Hope this helps!

​@ThePrivacyWayfinder how come you back all so often? I'm just beguinning to learn all this so it might sound stupid. Is there away to have somepass codes you can put in a password locker just incase your phone breaks or anything? Or is there any other way? I've just changed mine all over from Google authenticator for obvious reasons but didn't realise its off line I was thinking why it's not asking for email I thought I could just put the password in and that's it. Can you have the same codes running on two diffrent phones or profiles?

Yup, it has password/fingerprint login ;)

Aegis is an Android exclusive app.

@@simimik. Thanks!

No, it's android only

Thanks!! 😁