You are reading a single comment by @neu and its replies.
Click here to read the full conversation.
-
Thanks, very helpful.
So for personal use you would use basic Bitwarden plus a separate 2FA?
Why not Bitwarden 2FA?
neu-
Why not Bitwarden 2FA?
Putting both passwords and 2FA in one place creates a single thing that if compromised now provides access to everything.
At least keeping them separate means if you have Bitwarden installed and logged in and you've left your device unattended, that the 2FA isn't also compromised at the same time.
So I use different apps, and set the security of the 2FA to need biometric on every occasion.
Velocio
BitWarden https://bitwarden.com/ is the one I swear by currently. Open source, all platforms.
For 2FA apps, on Android I now swear by Aegis https://getaegis.app/ ... but mostly because it works and it enables import / export and my 2FA secrets would be hellish to reproduce so being able to back them up within my control is great.
For VPN it depends what you want one for... but if privacy / security then https://mullvad.net/en/ are the only game in town (that has actively stood up for the principles by which they claim to operate). If it's for pure geolocation detection avoidance for things like Netflix... I dunno, I don't do that so I'm not sure if this is a fit for that.