Also include hints and tips for less technical readers. We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. But just because something is popular doesn’t mean it’s without flaws. Without any doubt, Authy is the number one choice for me, whenever I need an Authenticator program. Service: Blogger - Alternative: WordPress Best Alternative to Twilio Authy based on price and UX NovemMax Irzhak Twilio Authy is one of the most popular solutions for two-factor authentication. Twilio Authy (formerly known as Authy) holds the top spot when it comes to the Google Authenticator alternative. Service: Google Reader - Alternative: Tiny Tiny RSS One major setback for Authy is that it forces obsolete SMS verification, this is a severe security weakness and should be abandoned ASAP. ![]() Service: Dropbox - Alternative: Nextcloud ![]() It is literally the best 2FA application out there. Maybe there are some simple app templates that could be easily customized/branded for our company? (If it was a well-known app like Google Authenticator or Authy, we wouldn't need branding, but if we roll our own, I guess we would.While you're here, please Read This FirstĪ place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control. The automatic backup and sync makes it seamless to use the app hassle-free. Ideally all the app would do is subscribe to these 2FA push notifications and relay the Approve/Deny responses back to our servers. The key is that we don't want to spend a lot of resources on developing our own app. ![]() I'm also wondering how hard it would be to roll our own solution with something like Firebase Cloud Messaging. At our volume, that's not too expensive, but I'm wondering if there are cheaper/better solutions out there for our use case. So far, Authy is the cheapest and most straightforward solution I've found, but it would cost $0.09/auth. The smartphone app does not need to be white-labeled, but the enrolment process should stay on our website (no third-party portal redirect, no or minimal user information stored on the third party service, everything done through API and instructions to user.) Perhaps about 500 concurrent push-based 2FA users would be our goal over the next few years. What authenticator app do you guys recommend I see a lot of people recommend Authy but I also see some say it's bad. We anticipate that some of those would switch to push-based 2FA, but slowly and over time. What volume are we looking at? We currently have many thousands of user accounts, but only around 300 are using SMS-based 2FA, and they are logging in around once per month. To my knowledge, Google doesn't yet offer this push-to-accept UX, rather users must manually enter into our website the code that was presented via the app. Stacks 1 Followers 0 Votes 0 I use this What is B-SECURE and what are its top alternatives It helps companies improve their security posture, minimize their risk levels, and simplify regulatory compliance. Enabling 2FA does not require an Authy account, but if you have one, you will be able to use either the Authy App or SMS messages. Why not just use Google Authenticator? We want the following user experience: When they enter the correct username and password to log into their account on our website, we would trigger a push notification to their device via the app, and then they would tap Approve/Deny, which response would be sent back to our server (or obtained by polling) to complete the authentication process. OpenSSL, Lets Encrypt, Ensighten, Google reCaptcha, and Authy are the most popular alternatives and competitors to B-SECURE. (We build all our login/authentication features with custom server code and are comfortable working directly with REST APIs.) We also need the system to provide an Android/iOS app that users can easily install and pair with their website account (perhaps via one-time numeric or QR code). We need a system that provides an API for us to enroll users and send/receive authentication success/failure messages. ![]() We are looking for a service/API/library to help us implement a push-based two-factor authentication (2FA) system to supplement the existing SMS-based 2FA on our website.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |