Why do password managers charge for TOTP code generation? - eviltoast

Is this some sort of a convenience feature hidden behind a paywall to justify purchasing their subscriptions or does generating the codes actually cost money? If the latter is the case, how do applications like Aegis do it free of cost?

  • jard@sopuli.xyz
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    1 year ago

    I use Bitwarden TOTP because my Bitwarden account is already secured with a Yubikey as a second factor. It’s the best solution I have for services that only provide TOTP and not FIDO U2F (I would use the Yubikey directly otherwise.)

    • umami_wasabi@lemmy.ml
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      Except Steam and banks that are stubborn and insist to use a custom implementation rather a standard one.

      • jard@sopuli.xyz
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        Yep, for some reason Valve and the incessant Steam fanboys insist that mobile-based Steam Guard is absolutely perfect and anything like U2F just makes things more insecure… somehow.

        Fortunately, Bitwarden at least implemented Steam’s own TOTP algorithm. With a very user unfriendly process you can grab the authenticator key Steam gives you via the third party Steam Guard desktop client, insert it into Bitwarden, and then it’ll happily generates the right verification codes for you.

      • VonReposti@feddit.dk
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        The Danish ID solution actually offers the possibility to use FIDO U2F. Unfortunately the requirements were to provide the option and not how to provide it, so you have to purchase their “special” key since you can’t use your own Yubikey even though it’s the same hardware…