this post was submitted on 13 Oct 2025
110 points (96.6% liked)

Selfhosted

52232 readers
984 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
110
What are you all using for a 2FA token manager? (lemmy.blahaj.zone)
submitted 1 day ago by BonkTheAnnoyed@lemmy.blahaj.zone to c/selfhosted@lemmy.world
81 comments fedilink hide all child comments
 

One more step to unhitching from Google...

Right now the only option I see in F-Droid is Aegis.

I'm not sure what to actually look for side from checking for unexpected permissions and reasonably frequent updates.

Hopefully something I can sync with a GNOME app...

you are viewing a single comment's thread
view the rest of the comments
[–] ohshit604@sh.itjust.works 1 points 19 hours ago* (last edited 19 hours ago) (1 children)

With regards to the backup key, Yubikey recommends to save (screenshot) the QR code that is generated during 2FA setup to setup the backup key later on. Maybe that is also a workaround for services that only allow a single 2FA device. https://support.yubico.com/hc/en-us/articles/360021919459-How-to-register-your-spare-key

Just looking back at my purchase history, I got my Yubikey’s back in January 2020, it appears that I never read this doc about scanning the QR code for the backup key, or maybe I did? I don’t really remember it all too well. Regardless In certain circumstances my keys do the exact same thing and I’m quite sure I followed some guide to create one primary and one secondary key but it’s possible that guide has gone outdated.

Similar to something like Keepass, the database is local and you are in charge of making backups and such.

I can totally respect the folks who opted to self host, I’m horrible when it comes to backing up data and such and self hosting wasn’t really my thing back in 2020 so it never really was on my radar.

In the end this comes always down to an optimization problem between security and convenience that everyone has to decided for themself.

Couldn’t agree with you more, everybody has that dial between convenience and security and should adjust accordingly.

[–] 5ymm3trY@discuss.tchncs.de 1 points 18 hours ago

Regardless In certain circumstances my keys do the exact same thing and I’m quite sure I followed some guide to create one primary and one secondary key but it’s possible that guide has gone outdated.

Yeah maybe this guide wasn't there when you bought yours or it is outdated. Problem is, you have to setup the 2FA from scratch for these accounts if you don't have the QR code anymore. Might still be worth a try to really get two identical keys.

you are in charge of making backups and such. I can totally respect the folks who opted to self host, I’m horrible when it comes to backing up data and such and self hosting wasn’t really my thing back in 2020 so it never really was on my radar.

Aegis is still an app on your phone. It just is not connected to an online service so you control the database file youself. It of course always depends on you setup e.g. if you have a single device that acts as your 2FA "key" and keep offline backups of the database you don't have to host anything. If you want to authenticate with multiple devices and add new accounts often some form of automatic sync might be helpful. Even though I like the app, I don't want to convince you of Aegis. I just didn't want to paint the wrong picture.