I personally am fine with this.

  • SkaveRat@discuss.tchncs.de
    link
    fedilink
    arrow-up
    30
    arrow-down
    1
    ·
    1 year ago

    Like why on earth do I need two different authenticator apps on my phone (authy&google authenticator)?

    you… don’t?

    Both of these implement exactly the same protocol (TOTP). Used authy for all my Top Of The Pops Time-based one-time password needs exclusively, before moving everything to bitwarden

    • subtext@lemmy.world
      link
      fedilink
      arrow-up
      8
      arrow-down
      2
      ·
      1 year ago

      Unfortunately there are some websites that require Authy (probably because Authy wined and dined some business executive). I absolutely loathe these sites but if it’s a site you’re not willing to live without, you’re stuck with having Authy plus your main 2FA app.

      • SkaveRat@discuss.tchncs.de
        link
        fedilink
        arrow-up
        6
        arrow-down
        1
        ·
        1 year ago

        which ones are that? I’d love to check, because afaik, they have a feature that enables push-2fa via authy, but should generally work on other apps as well

          • SkaveRat@discuss.tchncs.de
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            1 year ago

            Are you sure that you can’t use a different TOTP generator? There’s a difference between telling you to use Authy and still being able to use a different app

            • LittleLily@shinobu.cloud
              link
              fedilink
              English
              arrow-up
              6
              ·
              edit-2
              1 year ago

              Yes I’m sure, hence why I specifically mentioned that. Try the sign up procedure yourself. It REQUIRES 2fa and it has to be Authy’s non-standard token or SMS. No option for regular TOTP.

              • SkaveRat@discuss.tchncs.de
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                1 year ago

                thx. just making sure. I already saw a lot of people annoyed about a specific app, just because that was the one being advertised, but in the end it was TOTP

      • subtext@lemmy.world
        link
        fedilink
        arrow-up
        8
        arrow-down
        1
        ·
        1 year ago

        Well the good news for you is that a website specifying one or the other is nothing more than marketing from that app maker! So long as there is a QR code (or a long random-ish string), you can use any authenticator app that supports that website’s 2FA algorithms!

        That last bit is important because I think Lemmy had a non-standard 2FA algorithm (SHA-256?) that wouldn’t work with Google Authenticator.

        • Rootiest@lemm.ee
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          edit-2
          1 year ago

          Lemmy works with Google Authenticator, but not with Authy.

          Annoyingly Authy fails silently and ignores the part of the code that specifies SHA-256 and just generates a SHA-1 code that won’t work with no warning or indication to the user.