this post was submitted on 13 Oct 2025
127 points (97.7% liked)

Selfhosted

52440 readers
1280 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
127
What are you all using for a 2FA token manager? (lemmy.blahaj.zone)
submitted 1 week ago by BonkTheAnnoyed@lemmy.blahaj.zone to c/selfhosted@lemmy.world
113 comments fedilink hide all child comments
 

One more step to unhitching from Google...

Right now the only option I see in F-Droid is Aegis.

I'm not sure what to actually look for side from checking for unexpected permissions and reasonably frequent updates.

Hopefully something I can sync with a GNOME app...

you are viewing a single comment's thread
view the rest of the comments
[–] Jayjader@jlai.lu 2 points 1 week ago (1 children)

I use pass for my passwords, and it has an otp extension that I've been using more and more. I used to use aegis but I have needed to switch phones one too many times without having access to the previous phone to be comfortable with phones for 2fa.

Of course, this isn't as secure as a truly separate OTP solution, but it's still better than no OTP/2FA. And I can easily enough back up and restore my 2fa access over the internet, even on a new computer (albeit I need to also backup a PGP key that can decrypt the password store to truly be portable).

[–] erock@lemmy.ml 1 points 1 week ago (1 children)

This is what I do. If someone can figure out pass with my password protected gpg, plus my passwords are partials (I salt them), and otp then they can have my access

[–] Jayjader@jlai.lu 1 points 1 week ago (1 children)

plus my passwords are partials (I salt them)

I'm curious how you make that work - do you just remember the salts, store them separately, or what? I have like 50-70 passwords in my store currently, there's no way I'm remembering a (true random) salt for each one.

[–] erock@lemmy.ml 2 points 5 days ago

My salt is just a memorized password I put in addition to the one stored in pass