While updating my profile, I noticed that the forum software now offers Two Factor Authentication (2FA) for an added layer of security. I enabled it, added the code to my Authenticator app as well as KeePass, and it works flawlessly. KeePass even auto-types the OTP on the login page.
Anyone else here who uses 2FA?
I started using it a while back, I was probably the first, since I had to enable the feature in the forum for it to appear.
Thanks for enabling it. Since then, I've noticed a few other forums offer authenticator-based 2FA as well. Since there's no need to provide a mobile phone number, this is more or less a no-brainer for added security, especially since some websites have not moved to HTTPS.
I've found the following programmes/apps essential for TOTP management:
- KeePass (https://keepass.info/plugins.html#traytotp) with the KeeTrayTOTP plugin (https://github.com/victor-rds/KeeTrayTOTP/releases)
- WinAuth (https://winauth.github.io/winauth/index.html) (Windows authenticator)
- FreeOTP (https://freeotp.github.io/) (Android and iPhone authenticator)
Hope that's of some help to anyone curious about using OTP codes.
Two other options:
- 1Password (https://1password.com) but it's a subscription model now
- Pass (https://www.passwordstore.org) Kind of has a steep learning curve. Requires the pass-otp plug-in, just paste the totp token URI into the file for a given site, or use a QR decoder to decode a saved code image to find the URI.
Nice. Pity that Pass4Win is no longer developed, but I will play around with qtpass.
The beauty of KeePass is that it auto-types the OTP, as well. This is the sequence I use:
{USERNAME}{ENTER}{DELAY 4000}{PASSWORD}{TAB}{TOTP}{ENTER}
After entering the username alone, HA takes me to a page where the password and OTP can be entered. A delay of 4 seconds is enough for the second page to be ready.
Wouldnt mind it if KeePass had a REd Steam/Blizzard authenticator.