(lucumr.pocoo.org)

184 points Bogdanp | 4 comments | 02 Sep 25 13:47 UTC | HN request time: 0.001s | source

Show context

jcmontx ◴[02 Sep 25 17:59 UTC] No.45106732[source]▶

One day Authy for desktop was deprecated and all of a sudden I was forced to always have my smartphone with me, which I was struggling to replace with a dumbphone. To this day, I have no way out of owning an smartphone for this very reason

replies(3): >>45106857 #>>45106956 #>>45114607 #

1. cuu508 ◴[02 Sep 25 18:15 UTC] No.45106956[source]▶

>>45106732 #

Are there many sites that only support Authy's push authentication and nothing else?

replies(1): >>45107184 #

2. jcmontx ◴[02 Sep 25 18:33 UTC] No.45107184[source]▶

>>45106956 (TP) #

No, not really, it's about migrating/restoring every single 2FA key would be extremely inconvenient

replies(2): >>45107464 #>>45107565 #

3. cuu508 ◴[02 Sep 25 18:55 UTC] No.45107464[source]▶

>>45107184 #

Do one a day :-)

4. arp242 ◴[02 Sep 25 19:02 UTC] No.45107565[source]▶

>>45107184 #

TOTP should just be a (typically base32) secret string; I don't know if Authy allows exporting that though (and if not, that only underscores the point of this article).

I just use a simple shell script with dmenu/xclip/oathtool:

  #!/bin/zsh

  typeset -A opt=(
      Docker ABC
      GitHub DEF
      # ...
  )
  k=$(print -l ${(ko)opt} | dmenu -i)
  [[ $k != "" ]] && oathtool --totp --base32 $opt[$k] | xclip -rmlastnl

↑

Passkeys and Modern Authentication