this post was submitted on 28 Oct 2023
6 points (100.0% liked)

Self-Hosted Main

515 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

Yesterday, I accidentally removed an authenticator app from my phone. Fortunately, I have another copy of the app on a different device. It made me realize how easy it is to lock myself out of my accounts. Do you think it's a good idea to create a Windows VM with an Android emulator on it and install copies of all my authenticator apps, this will not cause any security issues?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago (3 children)

why not consolidate your auth apps?

i use selfhosted vaultwarden (with backups ofc) for everything, except for vaultwarden, which is protected by authy . and authy can be backed up easily

[–] [email protected] 1 points 1 year ago

I backup the data but not the apps

[–] [email protected] 1 points 1 year ago (1 children)

Sane MFA apps explicitly disallow their data from being backed up. That would be a massive attack vector if it was possible.

[–] [email protected] 1 points 1 year ago

Which is exceedingly dumb IMHO. Sure it would be a vector, but it's a vector to something that should be an additional step to username and password. Idk, I use vaultwarden and find myself worrying less about "what if?". I'm also enabling TOTP far more often now that I can easily add it to my phone and have it sync to other systems.

[–] [email protected] 1 points 1 year ago

Instead of authy, may I suggest Ente Auth. It works the same as authy but is open source.