• xabd@sh.itjust.worksBannedOPMEnglish
    8·
    1 month ago

    Aegis Authenticator is a free and open-source 2FA app for Android that stores all tokens in a locally encrypted vault (AES-256-GCM). It supports TOTP/HOTP, works fully offline, allows encrypted backups you control, and is available on F-Droid. A solid privacy-respecting alternative to Google Authenticator and Authy.

    https://github.com/beemdevelopment/Aegis

    F-Droid: https://f-droid.org/app/com.beemdevelopment.aegis

  • killingspark@feddit.orgEnglish
    22·
    1 month ago

    This looks cool, but I’m not sure why yet another one was necessary. Does it have any features that e.g. FreeOTP+ doesn’t have?

    Edit: Not to say, you shouldn’t do things just for fun! I certainly made some projects just for the hell of it.

    I was just interested if there are any actual reasons, especially since this implements a lot of import functionality from other apps. Making the change from other apps to this app that easy seemed like they expected a lot of people to transition to their app.

    /Edit

    • halfdane@piefed.socialEnglish
      2·
      1 month ago

      Both provide time-based one-time passwords (totp), so the question is very reasonable.

      I’m using aegis because it was the first one I stumbled upon - your question inspired me to check out freeOTP+ , so here are the key differences I found:

      • freeotp hides the totp until you tap the entry
      • aegis shows the totp for all entries all the time
      • aegis refreshes the displayed totp after the timeout
      • freeotp hides the totp after timeout
      • aegis export:
        • an encrypted json file that can only be read by aegis
        • an unencrypted text file that can be imported into other programs
        • shows a warning when exporting unencrypted
      • freeotp export:
        • unencrypted text file that can be imported into other programs
        • unencrypted json file that can be imported into other programs
      • both can ask for biometric unlock (fingerprint) when configured
      • aegis provides biometric unlock only if database is encrypted with a password

      All in all they are very similar and both seem great, so you’re free to choose the one that’s a better fit for you 🤗

      I personally like seeing the totp at all times without explicitly tapping in them, so that’s why I’ll stay with aegis, even if that exposes me to potential shoulder surfers that can as well see all the secrets all the time.