I just got an iPhone and I need a 2FA app that has cloud backup support. I need the automated cloud backup functionality so I can’t rely on Raivo or Tofu authenticator backing up to iCloud, as I don’t use iCloud Backup.
Microsoft and Google Authenticator are out because as shown in the Naomi Brockwell video about 2FA apps, those two collect way too much data. And my password for my google and microsoft account is in my Bitwarden, which is secured by 2FA. So why would I secure my 2FA codes with a password in Bitwarden that I need my 2FA codes to access? That seems like a way to lose access to my 2FA codes.
I’m left with Authy and Ente. Authy collects a lot of data too but at least Authy is a standalone service. I really like Ente but it’s new and I’m not sure if I can trust it to be reliable or to be around for a long time. I don’t want Ente to shut down next year or so and then I’ll be screwed. But I also don’t want to use Authy and surrender my data if I don’t have to.
I doubt ente will shut down, but even if it does you can always just export your codes and switch to another app…
Echoing off of @Jonah’s point, Ente does provide an easy way to export your tokens and import them to another app. Sadly, Microsoft and Google Authenticator don’t accept imports. The challenge becomes finding an app that accepts imports
You can always import to any app manually by just entering the secret keys from your export file that you can open in any text editor.
Authy is tied to the phone number and also doesn’t have E2E encryption (AFAIK). Phone number identifies you instantly, and if you lose your phone with the sim card in it it takes a bit of time to restore your number and your 2FA codes with it.
And it’s damn impossible abroad, not to mention that it’s more devastating to lose your phone abroad. It happened to some people i know and it was a huge pain.
Also exporting your 2FA codes out of Authy is also damn near impossible. It requires a rooted Android device and i was lucky to have one at hand, but you might not be.
My main problem with Authy is that it locks you into their app and gives you no easy way to switch from it if the need arises. Authy can go down at any moment too, just like Ente, but there’s no way to export your seeds.
Ente on the other hand has none of these issues, and out of two options that you brought up i’d choose Ente with no hesitation.
Authy has E2EE for secrets but not for email address or phone.
@luih You said you don’t use iCloud, is there any specific reason? It’s also possible to sync 2FA via iCloud Keychain natively.