Bitwarden has launched a new authenticator app - eviltoast

Bitwarden Authenticator is a standalone app that is available for everyone, even non-Bitwarden customers.

In its current release, Bitwarden Authenticator generates time-based one-time passwords (TOTP) for users who want to add an extra layer of 2FA security to their logins.

There is a comprehensive roadmap planned with additional functionality.

Available for iOS and Android

  • Snot Flickerman@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    50
    ·
    7 months ago

    No, they’re both ostensibly open source and standalone. I’m an avid Bitwarden Free user, but Aegis has been my go-to for a long time.

    If it’s a standalone completely offline app, like Aegis, I’m at a loss to what they could offer that is any different than what Aegis already offers.

    • Simon Müller@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      18
      ·
      7 months ago

      If you look at the roadmap they have in the blogpost, they are apparently planning tighter integration with the existing bitwarden suite

    • fluckx@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      7 months ago

      2FA push is on the roadmap. Does aegis have that? Or am I just too dense to realise it does?

      • Snot Flickerman@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        8
        ·
        7 months ago

        I mean, Aegis is 2FA? That’s literally all it is? It generates One Time Pad codes for various sites and apps that support authentication apps.

        So, I’m not sure what you mean?

        • laurelraven@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          9
          ·
          7 months ago

          I’m not positive but I’m assuming they’re referring to a kind of MFA where the authenticating service pushes to the client you possess rather than relying on a temporal cryptographic key. I’ve got a few services which work that way

          • fluckx@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            7 months ago

            That’s indeed what I meant. Similar to how OKTA, battle.net, or the Microsoft authenticator works( in corporate environments).

            You receive a push notification which asks if you’re trying to log in and approve it, followed by a fingerprint or a pin code to confirm, rather than having to type in the code generated by your app