Hey y’all!
I’ve been using Authy for some time now (switched from Google Authenticator) but an increasing number of people are suggesting Aegis over Authy in some posts here at Lemmy and that got me curious.
Was wondering what would be the main selling points for one to use Aegis instead of Authy, can somebody help out?
Thanks in advance!
The main point is that Authy is a company that hosts your data on their cloud and you can’t know what they do with it. Aegis is local, but has the ability to create scheduled backups, which then you can sync to your own server or just copy it in different locations for safety.
2FA not being 100% local and offline kinda defeats the point for me. I want potential attackers to need physical access to my device if they intend to get into my accounts.
Aegis can import and export seeds with ease. I switched from Authy to Aegis just for this. It also has automatic backups. Authy’s only selling point was the sync function and maybe the bad desktop app. Now I have a double backup: the native function, and a synced KeePassXC file with all the Aegis OTPs exported for desktop use. KeePassXC supports OTP export with QR so I can create there and export to Aegis if I want. Best solution ever.
Aegis gives you full control over your 2FA codes.
I remember thinking Authy was safe since it saves your 2FA codes to their cloud but learnt the hard way that if you lose your Authy-attached device/app, you’ll have to wait a day or 2 (I think it was 48 hours IIRC) to get back your codes. Would be even worse if Authy decided that I was no longer the owner of my keys. As soon as I got my codes back I switched up to Aegis and never looked back.
What works for others doesn’t have to work for you. They suggest Aegis because it’s open source and Authy is not; on the other hand, Authy is multi-platform and has built-in synchronization between devices. So there’s the thing: you can rely on a third party for backup in Authy, or back it up manually, but where? Some third party again? For me personally, moving to Aegis just because it’s open source is a bit of a PITA, and minus being open-source, Aegis is inferior IMO: no multi-platform sync, you don’t have to take out your distraction device to input an OTP, there’s a standalone PC app or browser addons.
After having issues moving away from Google Authenticator, portability became one of the requirements I was looking for in an MFA tool; that immediately discarded Authy to me.
I don’t have sync using Aegis, but I know my codes are backed up to at least 3 different locations I control, and I can either set up a new device when I need, or ditch Aegis altogether if they start making stupid choices.
> ditch Aegis altogether if they start making stupid choices.

Do you mean you can migrate directly from Aegis to another app? For me it’s a flaw; that way your OTPs are less secure. Authy distinctly states it has no such feature because of security, and many other apps don’t have an export feature because of that, yet Aegis developers boast about it.
> that way your OTPs are less secure
Aegis backups are encrypted. One could argue that storing OTP seeds in someone else’s server is even less secure, which is what Authy does.
> because of security
Yeah, I read that too when choosing OTP managers and I’m not convinced. These security reasons they give to practice vendor lock-in just sound very convenient to them. They could very well add a secure bidirectional data import/export functionality like Aegis does. If they are really concerned about account takeover, they can confirm user identity, add delays with notifications before exporting, or add any similar bureaucracy. But if password managers allow exporting entire vaults, an MFA app can allow the same for OTPs.
And I insist on this feature because manually resetting over 40+ MFA codes that I have because there is no export feature is a REAL PITA.
A third option is KeePassXC. You can set TOTP seeds for entries there.
You might want to check out FreeOTP+, an open source OTP client, all stored locally so be sure to back up everything from time to time.
I was using Authy for a few years until I started caring more about my online security and privacy.
I never heard of Aegis, but it seems like a good open source OTP client with automatic backups!
There’s also Authenticator Pro, which is also open source and looks better than Aegis.
Aegis is not multi-platform so if that matters…does anyone have FreeOTP experience?