by reillyse 1565 days ago
Until you switch devices and then you lose access to your account or spend a morning wading through Authenticator transfer hell for each account. I learned that lesson last time I switched phones and now everything lives in my password manager + SMS 2FA.
7 comments

There’s a middle ground with an out-of-band shared decrypt. Authy has the most user-friendly TOTP sync that lives on device, but there are other, more open source ways to have your cake and eat it too in this regard.
Or OTP Auth in the App Store, which uses iCloud sync. I have been using that one happily for years now.

https://apps.apple.com/de/app/otp-auth/id659877384?l=en

> lose access to your account

When you set up the device and GitHub showed you a handful of codes and said "don't lose these they're important" you kept them, right?

> Authenticator transfer hell

I've switched my primary TOTP device twice in the past few months and I have no idea what you're talking about.

Paid Bitwarden has a cloud-based TOTP that I've been using for this reason. Works perfectly.

There are multiple better solutions to that:

- Use a 2FA app with sync like Authy (even Google Authenticator has basic backup/export support nowadays, but it's still far too easy to lose your codes with it)

- Use a password manager with 2FA support like KeePassXC/1Password/Bitwarden

- Use a YubiKey (ideally have two in case you lose it)

The built-in iOS keychain will let you save your MFA tokens as well, and this can sync between devices. Or, you can use Raivo, and back up the tokens either manually or in iCloud.
If you switch phones often, a YubiKey might be a better 2FA (it's definitely safer).
Authenticator added single-code transfer of everything now.