One more step to unhitching from Google…

Right now the only option I see in F-Droid is Aegis.

I’m not sure what to actually look for aside from checking for unexpected permissions and reasonably frequent updates.

Hopefully something I can sync with a GNOME app…

  • ohshit604@sh.itjust.works
    1 day ago

    With regard to the backup key, Yubikey recommends saving (screenshotting) the QR code that is generated during 2FA setup, to set up the backup key later on. Maybe that is also a workaround for services that only allow a single 2FA device. https://support.yubico.com/hc/en-us/articles/360021919459-How-to-register-your-spare-key

    Just looking back at my purchase history, I got my Yubikeys back in January 2020. It appears that I never read this doc about scanning the QR code for the backup key, or maybe I did? I don’t really remember it all too well. Regardless, in certain circumstances my keys do the exact same thing, and I’m quite sure I followed some guide to create one primary and one secondary key, but it’s possible that guide has gone outdated.

    Similar to something like Keepass, the database is local and you are in charge of making backups and such.

    I can totally respect the folks who opted to self host, I’m horrible when it comes to backing up data and such and self hosting wasn’t really my thing back in 2020 so it never really was on my radar.

    In the end this always comes down to an optimization problem between security and convenience that everyone has to decide for themselves.

    Couldn’t agree with you more, everybody has that dial between convenience and security and should adjust accordingly.

    • 5ymm3trY@discuss.tchncs.de
      1 day ago

      Regardless, in certain circumstances my keys do the exact same thing, and I’m quite sure I followed some guide to create one primary and one secondary key, but it’s possible that guide has gone outdated.

      Yeah, maybe this guide wasn’t there when you bought yours, or it is outdated. Problem is, you have to set up the 2FA from scratch for these accounts if you don’t have the QR code anymore. Might still be worth a try to really get two identical keys.

      you are in charge of making backups and such. I can totally respect the folks who opted to self host, I’m horrible when it comes to backing up data and such and self hosting wasn’t really my thing back in 2020 so it never really was on my radar.

      Aegis is still an app on your phone. It just is not connected to an online service, so you control the database file yourself. It of course always depends on your setup, e.g. if you have a single device that acts as your 2FA “key” and keep offline backups of the database, you don’t have to host anything. If you want to authenticate with multiple devices and add new accounts often, some form of automatic sync might be helpful. Even though I like the app, I don’t want to convince you of Aegis. I just didn’t want to paint the wrong picture.