Add 2FA hardware and software section #420
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#420
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Hi,
Here below what can be added to the website.
Two-Factor Authentication (2FA)
Software
Mobile: Tofu
Tofu is an easy-to-use, open-source two-factor authentication app designed specifically for iOS. It uses HOTP and TOTP algorithms. Tofu is licensed under the ISC license. The source code is available for review and modification on GitHub.
[ website: tofuauth.com ]
OS: iOS
Mobile: andOTP
andOTP is a two-factor authentication app for Android 4.4+. It implements Time-based One-time Passwords (TOTP) and HMAC-Based One-Time Passwords (HOTP). Simply scan the QR code and login with the generated 6-digit code. MIT licensed.
[ website: github.com/andOTP/andOTP ]
OS: Android
Mobile: FreeOTP
FreeOTP is a two-factor authentication (2FA) application for systems utilizing one-time password protocols. Tokens can be added easily by scanning a QR code. It implements open standards: HOTP and TOTP. FreeOTP is sponsored and officially published by Red Hat, under the Apache 2.0 license.
[ website: freeotp.github.io ]
OS: iOS, Android.
Hardware
U2F Zero
U2F Zero is a secure and open source USB token. Designed to be affordable and reliable.
[ website: u2fzero.com ]
Nitrokey
Nitrokey has multiple hardware devices. Both hardware and software are open-source, free software and allow independent security reviews. Customisable, no vendor lock-in, no security via obfuscation, no hidden security issues.
[ website: nitrokey.com ]
Yubico
Yubico has multiple devices, including the YubiHSM 2, an USB-based, multi-purpose cryptographic device for servers. The software to use Yubico is open-source.
[ website: yubico.com ]
Related Information
Ok, I just see that not just long ago the whole section has been removed? Also mentioning hardware should be there, right?
should be:-
using a two-factor authentication
For Android i can recommend andOTP from F-Droid and WinAuth for Windows
Hello guys, I want recomended this fork of FreeOTP. Fixed many issues from original version.
https://github.com/helloworld1/FreeOTPPlus
https://f-droid.org/en/packages/org.liberty.android.freeotpplus/
I really don't know if the original version is still in development.
@CHEF-KOCH
Looking at your link, Authy is only partially open-source.
@hachiman29
Should be noted that the fork is Android only (required Android SDK).
And thank you all for your input!
@CHEF-KOCH
On the link, 12 out of 19 repos are closed source.
More to the point, which repos do you consider to hold the entire Authy offering?
So, it looks like you agree that Authy is only partially open-source.
Head over to:-
https://prism-break.org/en/all/#authentication
and look in the Proprietary column.
If you're convinced that Authy is fully open-source, you might like to open an issue at:-
https://github.com/nylira/prism-break/search?q=authy&type=Issues
That forum is frequented by higher level techies. Having said that, Privacy Tools is to be applauded for presenting the goods to the world in a more informative and approachable layout.
I was going to start a thread on Reddit, asking for a section on 2FA to be added, with some compiled links. But then I came here to check if there were relevant suggestions, and I found this issue.
Is there are publicly known reason for why the previous section was removed? (per comment 1 above, and #406 filed separately)
In case they are useful, here are the notes I was going to post:
At https://www.privacytools.io/ there is not currently any mention of 2FA.
I suggest adding a section there for it, and adding the most recommended tools.
Which tools? I don't know, that's why I went to the site to look!
Here are relevant links, so you can all figure it out:
and past discussions here (from a quick search)
Via PrivacyTools.io I found Tofu. I added this one plus the already mentioned andOTP.
I suggest Tofu for IOS and andOTP for Android. @Shifterovich
I don't have an opinion on this topic so I'll let you decide.
I'm using Tofu since December and I like it a lot! Maybe FreeOTP as a 'worth mentioning' option? It got an update just a few days ago (it's not dead!).
Someone can create a PR for the software-based ones.
That's weird, the commits are way older than a few days ago.
You're right, but in the App store there was an update.