What does HackerNews think of Aegis?

A free, secure and open source app for Android to manage your 2-step verification tokens.

Language: Java

#15 in Android
#58 in Hacktoberfest
Ask HN: How do you deal with TOTP 2-factor auth? | Sep 2023
I use Aegis[1] on mobile and OTPClient[2] on my computer, both are regularly backed up on change.

I do not use the TOTP feature in my password manager as feel it will defeat the purpose of 2FA (though I can split it to a new DB in KeePassXC).

For my work, the company uses a proprietary password manager, I just don't install it in any of my personal computing devices.

- [1]: https://github.com/beemdevelopment/Aegis

- [2]: https://github.com/paolostivanin/OTPClient

TOTP Authentication with Free Software | May 2023
Expand Context ↕
Microsoft Authenticator is the app that would literally refuse to work unless you first consented to data sharing and telemetrics. No fucking go. Thankfully, F-Droid has a useful alternative (Android only, of course):

https://github.com/beemdevelopment/Aegis
Don't store TOTP in Bitwarden for your online accounts (2022) | Jan 2023
Expand Context ↕
Aegis [0] is a much better alternative to Authy if having backups is a must (and even if it isn't too), specially because you will be in control of these backups. If you are on iOS Raivo [1] is a similar alternative that provides encrypted backups to iCloud.

[0]: https://github.com/beemdevelopment/Aegis

[1]: https://github.com/raivo-otp/ios-application
Don't store TOTP in Bitwarden for your online accounts (2022) | Jan 2023
Expand Context ↕
If you're an Android user, you may be interested in Aegis [0,1]. It allows you to import data from various formats, either through a file or directly from another app like Authy (needs root access). It also allows for export options, such as encrypted JSON or unencrypted TXT/HTML. Additionally, it enables backups to file storage, I am using my Nextcloud as a target.

Overall, Aegis is my to-go open-source alternative to Authy.

[0] https://getaegis.app/

[1] https://github.com/beemdevelopment/Aegis
Tell HN: It is impossible to disable Google 2FA using backup codes | Jan 2023
Expand Context ↕
Not sure if this is still accurate or not, but you used to be able to use the element inspector to export your keys from the Authy chrome extension (I can't find the original script I used, but I did find this one for developer mode [1]). This is how I migrated to WinAuth (dead project, but still works. Theoretically secured by windows itself, so shouldn't matter I think?). I've since migrated my mobile devices to Aegis[2], which I'm trusting sandboxing to secure; new otp are still added to Authy solely as backup.

Aegis supports importing from a bunch of apps, as does android-otp-extractor, both need root to do so. Aegis can also import backups from a bunch of different apps.

[1] https://gbatemp.net/threads/extract-your-totp-keys-from-auth... [2] https://github.com/beemdevelopment/Aegis [3] https://github.com/puddly/android-otp-extractor
FTC fines Twitter $150M for using 2FA phone numbers for ad targeting | May 2022
Expand Context ↕
plus one on this. https://github.com/beemdevelopment/Aegis
FTC fines Twitter $150M for using 2FA phone numbers for ad targeting | May 2022
I use the FOSS https://github.com/beemdevelopment/Aegis and like it far better than other TOTP apps for the feature and UI
Ask HN: Is Google phasing out Authenticator/TOTP? | Feb 2022
Just FYI, it's possible to backup your codes on Android using Aegis too. No root needed.

https://github.com/beemdevelopment/Aegis

Ask HN: Recommended two-factor authenticator app for personal use? | Dec 2021
Aegis, it's FOSS and supports encrypted backups. Migrating to a new device is trivial.

Best of all: it even supports 7 digit TOTP that previously required Authy (I think Cloudflare and HumbleBundle use this variant).

https://github.com/beemdevelopment/Aegis