Hi.
¿Is there an alternative 2FA client (for installing in opensuse) to google authenticator o microsoft authenticator?
May be, if you explain what “google authenticator o microsoft authenticator” is.
Yubikey (or similar) works with Google, Authy I have used on other sites
1 Like
Lots. A simple google search will give you many options.
Google authenticator and microsoft authenticator are two android apps for two factor authentication.
For instance: you have office365 with 2FA active, then when you log in from some computer it ask you for your login+pass and then it ask you for a token, you have to use microsoft authenticator (or google authenticator), it gives you the token, you enter it.
“Token” is rather generic description. If you mean TOTP - KeePassXC can generate them.
KeepassXC user and someone who has integrated TOTP/WebAuthn into their web app.
Using KXC for storing TOTP completely negates the intended use for TOTP 2FA, the whole point is to have a second-factor that is removed from a potentially compromised primary app/device.
@fperal It’s recommended to use a FIDO2-compatible hardware security key (HSK) like a Yubikey. Better than TOTP as it prevents any phishing/replay attacks and you don’t need to enter any credentials into Google, Microsoft, or anywhere else that supports passkey (passwordless) authentication. You can also use it for auth in your OpenSuse PC.
Authy works on openSUSE but is EOL soon
Tested authenticator as an alternative successfully, but does need a switch of system packages to this repository (on 15.5). If that is an issue you could perhaps use the flatpak option
KeePassXC (~= KeePass) password manager, locked by Yubikey for 2FA works really well for me. The Yubikey is very convenient and works on laptop and mobile, but not many sites accept it (e.g. banks). Also a bit scarey: loose it and all your secured info is dead. Pros keep two keys as backup but at £60 each that is expensive (there are cheaper keys but less flexible). As an alternative, keep a note of the key password under the mattress …
You could use your device’s TPM as a backup, like Windows Hello or Apple Touch ID.
Unfortunately, I could not find a package that supports FIDO2 on Linux/OpenSuse, but a promising one is tpm-fido that supports older FIDO/U2F (wish the dev would update).
Multi-device passkeys is possible with iOS/Android (attached to your Apple/Google account). Your PC connects to it using the browser and bluetooth, so a passkey registration/authentication request on your PC can be serviced by your smartphone.
Bitwarden, but maybe only in the paid plan (which is totally worth it). Although IIRC they had plans to include TOTP support in the free version as well, eventually.
App is open-source and multiplatform (at least Android, iOs, web, and Linux via flatpak)
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.