by account-5 1342 days ago
I don't use my phone to log in to anything. All my stuff is done on a computer with a password manager.

At no time am I even likely to rely on Google for anything this important; every other week there's a thread about Google killing off accounts for no reason. No way would any sane person allow Google access to this with their track record. And this isn't even considering my suspicion that Google only wants to "help" with this so you're locked into their services and they are better able to track your activity.


You might be able to do "passkey" with your password manager https://www.theverge.com/2022/8/31/23329373/dashlane-passkey... (I work for this specific one, but I'm sure others have similar things in the works)
AgileBits have passkeys in the works for 1Password:

https://blog.1password.com/1password-is-joining-the-fido-all...

I mean that’s gonna be my adoption path. Once I can store passkeys in Bitwarden I’ll switch to them everywhere.
Exactly. I will never trust Google to control access to my logins knowing that the Sword of Damocles (the Google "AI" deciding I'm a bad person) is hanging over my head.

If Google did an about face and started providing reasonable escalation mechanisms for when they lock you out of your account based on a faulty decision of their algorithm I'd consider it.

> I don't use my phone to log in to anything. All my stuff is done on a computer with a password manager.

More or less the same, except that I haven't found good TOTP solutions for the desktop, to the tune of KeePass (something that can run on Windows/*nix instead of making me use something like FreeOTP, Google Authenticator or other Android/iOS apps; or in addition to the mobile apps).

That said, even with multiple Google accounts for different things (e.g. personal e-mails, file storage, cloud services etc.) it feels like eventually you might want something like Qubes OS, another way to run multiple separate VMs, or just use separate devices for separate use cases.

Much like how some orgs have separate laptops for accessing prod environments, that are more tightly controlled, even though that's not convenient enough for most people.

KeePassXC supports TOTP. Right-click a key, TOTP→Set Up TOTP... and put in the secret key (and settings if needed).
Thanks, this seems like the solution with the least friction for someone who's used to KeePass! A lot of other good solutions in the sibling comments as well, actually.
I do TOTP on desktop Linux with Firefox, browserpass and pass.

https://github.com/browserpass https://www.passwordstore.org/

Bitwarden will do TOTP, and its CLI tool is quite usable. If you want it fully local, just stand up a docker of their server software (which is open source) or the open source reimplementation (vaultwarden).
> Bitwarden will do TOTP

Not disputing this, but it requires a “pro” account which is $10 a year.

No big deal to me, in fact I find it a great deal, but I think it’s fair to be clear about this as not to provide false expectations.

Fair. And self-hosting an instance in the cloud is probably comparable in cost.
Depending on your setup you could just generate TOTPs on command line and copy to clipboard, that's what I've implemented: https://github.com/Ciantic/totper

It works pretty well with pass (password manager), which stores each individual entry in a GPG-encrypted file. GPG is a pain, but if you happen to use it already then it works.
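The two comments above (setting up TOTP in KeePassXC from the secret key, and generating codes on the command line from a pass entry) both boil down to the same RFC 6238 computation. The following is an added example, not code from the original thread or from totper, KeePassXC or pass; it implements HOTP/TOTP with only the Python standard library, decodes the base32 seed that authenticator apps and KeePassXC accept, and checks a submitted code inside a small time window the way a server would. The secret used is the RFC 4226/6238 test key, not a real credential, and the clipboard step from the comment is left out on purpose. Because the base32 seed is the only secret material, wherever it lives (a KeePass entry, a pass file, a phone app) it needs the same protection as a password.

```python
import base64
import hashlib
import hmac
import struct
import time
from typing import Callable, Optional

# RFC 4226 / RFC 6238 reference secret ("12345678901234567890" as bytes),
# used here only so the outputs can be checked against the RFC test vectors.
RFC_TEST_SECRET = b"12345678901234567890"
RFC_TEST_SECRET_BASE32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def decode_base32_secret(seed: str) -> bytes:
    """Decode the seed string shown in a QR code / 'Set Up TOTP' dialog.

    Providers often omit padding and insert spaces or lowercase letters;
    normalise those before handing the string to the strict decoder.
    """
    cleaned = seed.strip().replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore the '=' padding base32 expects
    return base64.b32decode(cleaned)


def hotp(secret: bytes, counter: int, digits: int = 6,
         algo: Callable = hashlib.sha1) -> str:
    """RFC 4226 HMAC-based one-time password for a single counter value."""
    msg = struct.pack(">Q", counter)                  # 8-byte big-endian counter
    mac = hmac.new(secret, msg, algo).digest()
    offset = mac[-1] & 0x0F                           # dynamic truncation
    chunk = mac[offset:offset + 4]
    code = struct.unpack(">I", chunk)[0] & 0x7FFFFFFF # drop the sign bit
    return str(code % (10 ** digits)).zfill(digits)   # keep leading zeros


def totp(secret: bytes, for_time: Optional[int] = None, step: int = 30,
         digits: int = 6, algo: Callable = hashlib.sha1) -> str:
    """RFC 6238 time-based code: HOTP over the number of steps since the epoch."""
    now = int(time.time()) if for_time is None else for_time
    return hotp(secret, now // step, digits, algo)


def verify_totp(secret: bytes, submitted: str, now: int, step: int = 30,
                digits: int = 6, window: int = 1,
                algo: Callable = hashlib.sha1) -> bool:
    """Server-side check that tolerates clock drift of +/- `window` steps.

    Every candidate is compared with a constant-time comparison, and all of
    them are always evaluated so the timing does not reveal which step matched.
    """
    counter = now // step
    matched = False
    for delta in range(-window, window + 1):
        candidate = hotp(secret, counter + delta, digits, algo)
        if hmac.compare_digest(candidate, submitted):
            matched = True
    return matched


if __name__ == "__main__":
    # Stand-in for `totper`-style usage: seed in, current code out.
    seed = decode_base32_secret(RFC_TEST_SECRET_BASE32)
    print(totp(seed))
```

The assumptions are the defaults most services use (SHA-1, 30-second step, 6 digits); a KeePassXC entry's "settings if needed" are exactly these three knobs. A practical check for a desktop setup is to run this beside a phone app on the same seed: identical codes mean the seed was decoded correctly and the two clocks agree within one step.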

I’m with you, I de-Googled all my services a few years ago, and I couldn’t be happier with the decision.

I’m curious though, what’s preventing you from using a password manager on your phone? I use KeePass, and I’m able to use my password DB on any device I want.

How do you handle syncing? I use KeePassXC on my desktop, and I back up the encrypted password DB to SpiderOak, but I haven't figured out a good way to get that DB onto my phone, auto-synced.

Also are you worried about the security of the DB on your phone? My password DB's passphrase is a good 50+ characters long, which I can type quickly on my laptop, but I can't imagine pecking that out on a phone. And I feel like I would not want the DB unencrypted/unlocked all the time on my phone; given the possibility of my losing it or it getting stolen, I'd want it to re-lock immediately after each use.

> How do you handle syncing?

Syncthing [1] works very well. I personally do not trust my phone with my passwords, so I barely do any serious things on my phone.

[1] https://syncthing.net/

Nothing really, other than it's a device I can lose too easily or it could be stolen. I don't do banking on my phone either. Plus there's the hassle of syncing it too.
Why can't the password manager kill your account? I am not advocating for google, just asking about the other solution you are relying on.
I don't think the point is that they can't. Just far more unlikely to, and there's usually more recourse. Google is a mega-corp who never listens to their users, and is un-contactable. Some AI can and probably will ban some people for no real reason and even Google won't know why it happened.
You can always use a password manager like the KeePass family, which is file based. Sync it across devices with Nextcloud/Syncthing instead of Google Drive/Dropbox/one if you are extra paranoid.
You could use virtual-fido to store the keys on your computer, potentially in your password manager. There's a link in my other comment about it.