• haui@lemmy.giftedmc.com
    link
    fedilink
    arrow-up
    7
    ·
    8 months ago

    Not sure if this applies but incidentally I changed my otp manager from microsoft to vaultwarden today. Adding security keys in the process is mostly two additional clicks. Of the 20 accounts I migrated, only about 7 had the option and only with one it was more work than adding totp.

    • thegreekgeek@midwest.social
      link
      fedilink
      English
      arrow-up
      3
      ·
      8 months ago

      Yeah I use bitwarden and it was pretty panless. My only issue was on github the addon didn’t pick up on the passkey initially, had to make a new one.

    • Anas@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      Doesn’t using the same service for password management and OTP defeat the purpose of 2FA?

      • haui@lemmy.giftedmc.com
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        Its a pretty tough decision what to use for this imo since technically, you‘re right. Then again, you already have to log into your os and unlock the password safe to get the passwords or the otps.

        The reason why mfa is done is if your password leaks you are not completely effed. You can obviously use a second selfhosted service with a different password but chances are most people would rather use something easier.

        Also, passkeys work the same way. They work if you are logged into a device. That way you get no additional password except you can only use it from the device in question.