Despite improvements in cybersecurity, data breaches are on the rise. Relying solely on passwords to protect personal accounts is therefore reckless. A strong password is no longer enough, and it wasn't in the first place.
This article is sponsored by TUXEDO Computers, a German company that produces Linux hardware, notebooks, computers, and more. Always and forever, all ideas and opinions on this website are wholly mine, as my values are not for sale. To learn more, read our Code of Ethics.
What is multi-factor authentication?
Multi-factor authentication, including two-factor authentication, is an authentication method that requires users to provide more verification information than just a password to log into an app or online account.
To enable two-factor authentication, you can use one of the following options as a second authentication factor:
- SMS or email authentication
- Biometrics (such as Touch ID and Face ID)
- Authentication app (One-time-password generators)
- Physical security key (hardware authentication device)
SMS or email authentication is the most common but, unfortunately, the easiest to crack.
Biometrics is a good option, but not all computers feature a fingerprint reader or an effective face ID system. Also, your biometrics are critical information, so you don't want to share them with every company.
For all of the above reasons, authenticator apps are the most suitable common option: they are widely supported, inexpensive, easy to set up, much more secure than SMS or email authentication, and work offline.
You can set up an authenticator app by entering the secret code or scanning the QR code provided by the website or app on which you are enabling two-factor authentication. After successful setup, the application will start generating seemingly random, frequently changing one-time passwords (OTPs), which you use for authentication.
After activating 2FA, you will get a recovery key that you can use if you can no longer access the authentication app for any reason. Write it down or print it and keep it in a safe place, as you do not know when you will need it.
What are the best open-source two-factor authentication apps?
As is well known, not all apps, including two-factor authentication apps, are open source and support Linux. To put you at ease, here is my list of the best open-source two-factor authentication apps for Linux & Android:
- GNOME Authenticator
GNOME Authenticator is a GTK Linux app with a beautiful, clean UI. It supports the SHA-1, SHA-256, and SHA-512 algorithms, QR code scanning from a screenshot, restoring from known applications like Google Authenticator (the same applies to backup), and locking with a password.
- Keysmith
Keysmith is a Qt Linux app built mainly for Plasma mobile and desktop. It supports both time-based and hash-based OTP. Currently, it is missing QR code scanning and backup/restoration features.
Fortunately, the application is still under development, and these features are within the developer's plans.
- AuthPass
AuthPass is a free cross-platform password manager with Time-Based One-Time Password (TOTP) support. In other words, you can use AuthPass as a 2FA authenticator. It supports Fingerprint/Face Unlock and cloud sync/backup using Google Drive, Dropbox, or Nextcloud via WebDAV.
- Authenticator Pro
On Android, Authenticator Pro is my first choice. The application comes with all the features and options required in a 2FA application, including TOTP, HOTP, and mOTP support (mOTP = Mobile-OTP, a time-synchronous one-time password solution with strong encryption for Java-capable mobile devices), encrypted backup with a save-to-cloud storage option, customizable colors, dark mode, clean brand icons, and a Wear OS companion app. The only drawback of Authenticator Pro is that it is not available for Linux.
- Aegis Authenticator
Aegis Authenticator is Authenticator Pro with a few extra aesthetic touches and security features, such as panic trigger support using Ripple (a panic button app).
Bonus: Best hardware security keys for Linux
If you want to take the security of your accounts to an advanced level, then a security key is the solution, provided that you are careful not to lose it!
Disclosure: Please note that this Blog contains affiliate links and any sales made through such links will reward me a small commission – at no extra cost for you.
We do not recommend the use of the installment payment options nor the purchase of additional protection (insurance) plans. For more details (including reasons), read our Ethics policy.
- Yubico Yubikey
Yubico Yubikey collection (Image credit: Yubico)
- Thetis Pro FIDO2 Security Key
The Thetis Pro FIDO2 Security Key with Dual USB Ports (Image credit: Thetis)
"The only drawback of Authenticator Pro is that it is not available for Linux."
Why is this not in bold?
Thank you, I took your suggestion.
I am just experimenting using KeePass and the KeePassOTP plug-in. It works like a charm!
I am just experiencing 2FA with OTP with KeePass and the plug-in KeePassOTP. It works like a charm :)