2FA TOTP OpSec

Using Zcash the wrong way can completely defeat the privacy aspect at best, or lead to loss of funds at worse. We should discuss those things in here a bit more so we ensure the community has the best chances to avoid making OpSec mistakes.

I have just seen the following tweet of @daira - scary:

I am not sure why anyone would still use Google Authenticator. I use FreeOTP+, which is open-source, fully offline, enables me to backup my codes, and has in-app authentication for added security.

I’m not saying this app is the best, but it is the best I have found so far and it has definitely beaten using Google Authenticator for the past… few years.

2 Likes

i once got phone reset without backing up all my 2fa stuff and learned my lesson also to not ever use that app and also to back up more.

2 Likes

I am using FreeOTP now. Bear in mind that I was a fairly early adopter of OTP. When I started using Google Authenticator, FreeOTP and FreeOTP+ existed but were not well known.

1 Like