mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
The original server operated by the Mastodon gGmbH non-profit

Administered by:

Server stats:

380K
active users

@arstechnica

I was wondering why the university I'm attending uses a non-Google/non-Microsoft authenticator.

@Hawkmoon @arstechnica Hopefully they are using an #opensource alternative; those don't have a perverse incentive to tie the app to an account managed by a member of #GAFAM

There are several such options; #FreeOTP is my favorite freeotp.github.io/

freeotp.github.ioFreeOTP

@arstechnica so this is more about the Google Authenticator specific synching mechanism as a #security risk than any inherent #TOTP problem.

I get why there's a reference to #FIDO2, but I'd much rather use #SQRL than something that locks users to a specific, (probably) untrustworthy, provider.

@arstechnica it sure as hell didnt used to! ive lost like two discord accounts to that fact

@cg12 @arstechnica alternative is to use Authenticator not attached to an account

@arstechnica
Gotta put a plug in for Yubico authenticator with Yubikeys.

Secrets are write-only stored on the yubikey, not on the phone, thus not synced anywhere.

And you can use them as usb tokens directly too.

Just a satisfied customer...

yubico.com/products/yubico-aut

YubicoYubico AuthenticatorSecure your accounts and protect your data with the Yubico Authenticator App. Get authentication seamlessly across all major desktop and mobile platforms.