Move Over Google Authenticator, FreeOTP Is Here

Discussion in 'Linux Other' started by Eric Hansen, May 28, 2014.

  1. Eric Hansen

    Eric Hansen Moderator Staff Writer

    Messages:
    124
    Likes Received:
    87
    Trophy Points:
    28
    A lot of people fancy Linux because of its open-source nature. The fact that you can see how it was built, what it does and how it does it makes a lot of people “ooh” and “aww” over the system itself. This has become such a case that there are even those who have went to the extreme where if its not open source, they won’t even bat an eyelash at it.

    Up until the whole NSA/Edward Snowden fiasco it didn’t matter a whole lot to me. I understood the importance back then but now its more of a “what do they know about me” thought process. This brought up a lot of people who are looking into deeper security as well, which is great. The biggest push has been towards two-factor authentication (2FA).

    On Android, Google Authenticator (Google’s flagship 2FA product) has anywhere between 1-5 million installs according to its Play page, while Apple doesn’t display this data on their app store page. This means that Google has a pretty strong hold on the 2FA app space. However, this comes at the price that Google Authenticator is no longer open source.

    Back when it first started it was. That was one of the big reasons it was treated like a godsend in the community. Google let you see how it worked, and it could be molded to fit your own needs. However, in 2013, Google decided to make it closed source to fit the new Google ecosystem.

    I still use it myself, at least I did. Until I discovered another solution from the Fedora project called FreeOTP. The source for the project for both Android and iOS can be freely viewed on their site as well. This adds back the “what are they doing” peace of mind that has been lost for the longest time.

    Installation
    If you can find the FreeOTP app through your phone’s app store you should be good to go.

    What Makes It Better
    1. Open source so you know what it does
    2. Supports HOTP and TOTP (Google Auth does too but is more suited for Google’s 2FA system)
    3. More settings for a token (specify when the time changes, how many digits the token will be)
    4. Supports hashing algorithms (MD5, SHA1, SHA256, SHA512 for Android at the time of writing)
    Should I Switch?
    This is more of a personal decision. I would if you have concerns about your own data or need extra security for your tokens. There’s also other apps out there that you have to pay for but might be worth it (i.e.: Authy) if you use 2FA in a lot of places.

    The one thing that I believe can set FreeOTP apart from either Google Auth or even Authy is that FreeOTP is meant for systems. Google Auth is intended to be used to log into their systems (GMail, YouTube, etc…) and Authy for the same but a wider range of website support (Facebook, Dropbox, etc…). FreeOTP is intended to just generate codes and you do what you need to with it.

    I’m using FreeOTP for now on because of this, and am not looking back.

    Attached Files:

    ryanvade and DevynCJohnson like this.

Share This Page