If that’s the case I’m with you. Not a good idea at all.
1 Like
It’s quite easy to sync/backup a folder off your android device to your own server over Nextcloud, SFTP, SMB or whatever else you want to use.
Easiest is to use syncthing to sync the backup over to your server.
As someone who values a polished UI, Ente Auth fell short when I switched over to iOS.
When you launch Proton Authenticator for the first time, it greets you with an intro screen with satisfying haptic feedback on each “Next” tap. The rest of the UI is neat and user-friendly, subtle animations in all the right places, and an optional animated number scroll that really impressed me.
If only they’d trim down the name. It’s the longest app title on my phone, and the rest gets cut-off.
1 Like
It isn’t. But what is more striking even is that they don’t actually sync the 2FA of proton pass to this app, it is completely disconnected. I frankly do not see the point. Bitwarden had a more logical approach. I mean either you put it in the same account for convenience, or you do not for security reasons. But not syncing with Proton Pass, I don’t get why.
4 Likes
Well I thinl thar youcan just choose a cloud service’s folder in the files app for the location of the file ?
With that I agree. I believe they should present an option, after login, to sync or not with Proton Pass and then it will be the users choice.
For me at least that option isn’t available. Only local storage. I can’t select any folder from any cloud storage even though they are mounted on files app.
1 Like
Looks nice, but following the “don’t put all your eggs in one basket” advice, I’m going to give this one a miss.
Good to see more competition in this space.
You don’t have to sync the 2FA codes to your Proton account, it can either stay locally on your device or be included in your device backups. Not sure if the “don’t put all your eggs in one basket” advice applies because of that.
Although you could argue you are trusting one company with developing the software I suppose.
6 Likes
Trusting one company for all your software is what I was going for.
I imagine most people will be using their sync option as it’s convenient which would also relate to my point.
Now, we just need services that matters such as banks to start allowing us to use 2FA auth apps instead of SMS and emails.
It is nice that Amazon, Bitwarden, LinkedIn, Proton, Patreon even Google allow the 2FA auth app but I really hope banks (at least in the US) allow customers to use it as well.
2 Likes
Indeed. It looks almost identical to Ente, which is why I find it very dishonest that Proton didn’t include Ente in their comparisons to other authenticators. I have zero doubt they are aware of Ente, and were almost certainly inspired by it. None of the authenticators they are comparing themselves to are open source, when we know FOSS authenticators exists.
It’s like launching a new E2EE cloud service and only comparing yourself of Google Drive, One Drive and Dropbox, when you know damn well there are lots of E2EE cloud services out there.
All that being said, I’m happy Proton launched an authenticator. I always thought that Proton should have a product that is completely free. Not freemium. Free. An authenticator is a good start, but I hope they do more. My hope is that as Proton becomes more and more successful, they make more and more paid features of Proton Mail free.
Does that mean you always manually type youor 2FA codes?
Also, what password manager do you use?
I use 1Password and have my 2FA codes saved in both 1Password and Ente.
The advantage of 1Password is that it requires a security key to use. Meaning that if bad actor knows your email and password, they will not be able to access your account wuthout the security key.
I completely understand why people don’t want their 2FA codes and the passwords in the same place, but I admit that it’s really convenient for autofill.
Something I hated with previous authenticators, is that if you could only have them on one device, it meant that your always have to leave the app or website you’re logging into to copy the code. With many websites and app, if you switch to another app, the credentials you’ve already entered will disappear when you come back. It’s really annoying.
there are some bugs in the app in mainly import feature
the app can be used offline
How so? Most 2fa have export options. At least, reputable ones will have an export option (usually with multiple ways to export). It’s always a good idea to check the app out before using it and committing and check the features out. An app that’s got a name like “Best 2FA" is probably that app that will be a pain in the arse to transition from.
It’s only 6 digits. I just look at it and then type it in. I can probably have it done in about the same time as copy and paste would take.
I feel the same. It’s much better to not have everything all in the same place. Same reason why your not out throwing around an email that’s attached to financial institutions. Using a mask or a completely different address is a much smarter thing to do.
In your opinion, does keeping everything in one place pose a significant risk, considering all other security measures are in order? I mean, the firewall, DNS, and Brave browser are all configured with strict settings. I value convenience, so is this an area where I can afford to be flexible?
1 Like
Yes, but as I mentioned, one of the reasons people like to save their 2FA tokens in their password manager is because of the autofill feature. There is no typing the code, and there is no copying and pasting. Your code gets filled automatically. You don’t have to do anything.
That being said, I hear you. Separating your 2FA tokens and passwords is better for the security of your accounts.
I am curious, though, do you unlock your phone with biometrics or a code?
1 Like
I see your point, but it would also be good to have a Google Photos competitor that’s fully polished.