4.6 KiB
title, icon, description, cover
| title | icon | description | cover |
|---|---|---|---|
| Multifactor Authentication | material/two-factor-authentication | These tools assist you with securing your internet accounts with Multifactor Authentication without sending your secrets to a third-party. | multi-factor-authentication.webp |
Protects against the following threat(s):
Hardware Keys
Hardware security key recommendations have been moved to their own category.
Multifactor Authentication Apps implement a security standard adopted by the Internet Engineering Task Force (IETF) called Time-based One-time Passwords, or TOTP. This is a method where websites share a secret with you which is used by your authenticator app to generate a six (usually) digit code based on the current time, which you enter while logging in for the website to check. Typically, these codes are regenerated every 30 seconds, and once a new code is generated the old one becomes useless. Even if a hacker gets one six-digit code, there is no way for them to reverse that code to get the original secret or otherwise be able to predict what any future codes might be.
We highly recommend that you use mobile TOTP apps instead of desktop alternatives as Android and iOS have better security and app isolation than most desktop operating systems.
Ente Auth
{ align=right }
Ente Auth is a free and open-source app which stores and generates TOTP tokens. It can be used with an online account to back up and sync your tokens across your devices (and access them via a web interface) in a secure, end-to-end encrypted fashion. Aplikasi ini juga dapat digunakan secara luring pada satu perangkat tanpa perlu akun.
:octicons-home-16: Homepage{ .md-button .md-button--primary } :octicons-eye-16:{ .card-link title="Privacy Policy" } :octicons-info-16:{ .card-link title=Documentation} :octicons-code-16:{ .card-link title="Source Code" }
Aegis Authenticator (Android)
{ align=right }
Aegis Authenticator adalah aplikasi gratis dan bersumber terbuka untuk Android guna mengelola token verifikasi 2 langkah untuk layanan daring Anda. Aegis Authenticator beroperasi sepenuhnya secara luring/lokal, tetapi menyertakan opsi untuk mengekspor token Anda untuk pencadangan, tidak seperti banyak alternatif lainnya.
:octicons-home-16: Homepage{ .md-button .md-button--primary } :octicons-eye-16:{ .card-link title="Privacy Policy" } :octicons-info-16:{ .card-link title=Documentation} :octicons-code-16:{ .card-link title="Source Code" } :octicons-heart-16:{ .card-link title=Contribute }
Kriteria
Harap diperhatikan bahwa kami tidak berafiliasi dengan proyek-proyek yang kami rekomendasikan. Selain kriteria standar kami, kami telah mengembangkan serangkaian persyaratan yang jelas untuk memungkinkan kami memberikan rekomendasi yang objektif. Kami sarankan Anda membiasakan diri dengan daftar ini sebelum memilih untuk menggunakan sebuah proyek, dan melakukan penelitian sendiri untuk memastikan bahwa itu adalah pilihan yang tepat untuk Anda.
- Source code must be publicly available.
- Must not require internet connectivity.
- Cloud syncing must be optional, and (if available) sync functionality must be E2EE.