Email or username:

Password:

Forgot your password?
Devine Lu Linvega

So what do you all use for the github 2FA shit?

It asks for a browser extension thing, is 1password what people use?

edit: Okay, if desktop app, not an electron program.

37 comments
Jonathan

@neauoire 1password doesn't necessarily store your password with their service - you can keep the vault file whereever you would like.

for 2FA, I use google authenticator, but you need a newish phone for that.

Devine Lu Linvega

@jonbro I don't have a phone, it'd need to be a browser extension I think

Mauve 👁💜

@neauoire I use my text messages and the Keysmith app for KDE. apps.kde.org/keysmith/

If you save a copy of the qr code you can import it into a bunch of devices.

Dante Scanline

@neauoire i use a mobile app called FreeOTP to store those 2FA codes. im sure there's one on desktop because the math behind it is pretty simple. it shouldn't need to be stored 'online' anywhere.

Devine Lu Linvega

@dantescanline I don't have a phone but I'll try to find a desktop app for this. Thanks

Dante Scanline

@neauoire ah i should say it's FreeOTP is android, in case you have a tablet or something since it's just a simple local app with no "phone" requirements

tinspin

@neauoire @dantescanline Is this on purpose = I don't want a phone or I'm sailing so the phone does not work anyway? I'm also tired of big corporations so I' looking at building my own phone, and internet 2.0 like in silicon valley the TV show XD: radiomesh.org

Devine Lu Linvega

@tinspin @dantescanline I find it too distracting, I have a predisposition to rely on it too much, and getting lost haha. I prefer to do without if I can :)

dwardoric

@neauoire KeepassXC has 2FA support and there is an otp plugin for pass if you don't want to use a phone.
On a phone I recommend FreeOTP+ (it has a backup/export).

Fudge

@neauoire For 2FA authentication, I have a horrible gross 10 line shell script that calls oathtool to generate the one time pass number. So far, every site has had a “can't scan the QR code?” button that's let me get the magic number to feed into oathtool without scanning a QR code.

The script basically does this: `oathtool -b --totp $MAGIC_NUMBER`

Avi Bryant

@neauoire I use 1Password. But you might also consider using a hardware device like Yubikey.

benjohn

@neauoire If you're in Apple's ecosystem land, the automatic keychain password keeping is pretty great.

It (now) includes OTPs and completes them automatically, like the password field.

The system is not flawless but is better than other keepers I've used, is really nicely integrated, and keeps improving.

… sorry if this is totally useless advice in your case!

Devine Lu Linvega

@benjohn it's useless to me, but maybe someone reading this can make use of the advice. It's been many years since I've seen an OSX device :)

Desttinghim

@neauoire I use bitwarden for my github 2FA, I don't remember if its included in the free plan or not

Umur Gedik

@neauoire I use 1password 7 which is native on macOS. new versions (8+) uses electron unfortunately.

defel

@neauoire imho it just needs to be any kind TOTP implementation

I used yubioath, gopass and unixpass (with pass-otp extension) in the past. All of them are fine.

Yubioath is secured by hardware (yubikey) and unixpass/gopass can use GPG as a backend to secure the secrets.

And you can use yubikey/nitrokey directly in the browser, but this depends on a recent chrome or firefox browser, I guess.

Annika Backstrom

@neauoire i've heard you can use a security key like a yubikey, rather than TOTP QR code scanning or SMS. i'm not sure how mutually exclusive all those options are :/ (i have all these options enabled so i'm not sure if one requires another)

Tekgo

@neauoire no app suggestion but make sure when you get it setup you also get some backup codes and store them separately. Don’t forget want you losing access if your machine with the app dies

Annette

@neauoire I use a yubikey, although I think when I got it it wasn't directly supported, so currently I have it set up as a code generator - I either tap it on my phone with NFC or plug it into a computer and run yubico authenticator, and it generates a code to enter into Github. The transition to USB-C kinda sucks - I have some devices that can't do USB-A (my work Macbook) and some that can't do USB-C (my own Macbook).

Devine Lu Linvega

Got it all sorted out, thanks to everyone who suggested advices! ✊

abortretryfail

@neauoire
Yubikey

Or oathtool TOTP if you just wanna be sloppy with it.

josh g.

@neauoire Aegis is a good open-source, local-to-device 2FA app for Android.

DHeadshot's Alt

@neauoire I use KeePassXC generating a TOTP code from my PC. It's nice and secure.

Go Up