It also tugs you closer into the sphere of their sphere of data gathering, which has no benefit to you but perhaps some risk. MS Authenticator is also closed source, and you cannot have it active on multiple devices at once. And it's a free service, so if the FSB stops paying off Twilio, Authy could go away at any moment. You cannot export its datastore so you have no way to recover your secrets if Authy ceases operation. It is super duper secret closed source, so you can't be certain they aren't sending secrets to the Russian FSB. However, BA is not suitable for use on Bitwarden itself, because it is effectively INSIDE your vault, so you cannot access it until your vault is already unlocked. TOTP, which is the type of 2FA that Bitwarden Authenticator and Authy provide, is a close second.
This is arguably the best 2FA method you will find for most web services today. As a premium subscribed you have the option of FIDO2/WebAuthn (the hardware token, like a Yubikey). You don't mention what kind of 2FA you use there. This especially includes Bitwarden itself. Even SMS (which has known deficiencies) is better than nothing. You absolutely should be using some sort of 2FA for every service that offers it.
0 kommentar(er)
