I use Aegis, it works well
this post was submitted on 13 Oct 2025
120 points (97.6% liked)
Selfhosted
53057 readers
614 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
I like Aegis.
Bitwarden. I don't self host it, though. $10 a year for password management and 2FA is fine by me.
Same. Self hosting it sounds nice, and I self host a handful of services, but I don't want to be stuck without passwords in another country with a dead server at home because a power cut happened at some point.
Bitwarden caches your vault to your device, so you don't actually need a live connection to the server.
I had fault in my server this summer and my local bitwarden app wouldn't work without the connection. Same in my laptop, if the connection is blocked by the firewall it doesn't let me load the vault at all.
load more comments
(1 replies)
load more comments
(1 replies)
It's niche but I like to point it out whenever I get the opportunity: if your workplace uses Bitwarden Enterprise, every licensed user gets a free family plan that can be linked to any account. I haven't personally paid for BW for years.
load more comments
(2 replies)
I've been using KeePassXC. I use Syncthing to keep the database synchronized between computers.
Same here. If it's TOTP based 2fa, you can keep them in entries and use them from there.
Tbh, if you're using the same DB for PWs, you've successfully downgraded to 1FA now. Except maybe if you use a seperate KeyStick/Yubikey as secret bearer or smth
More like 1.5FA, at least. It still protects against passwords being compromised in any way that doesn't compromise full access to your password database, which is still a lot better than using just passwords without a second factor.
load more comments
(2 replies)
load more comments
(1 replies)
I use Aegis on my phone.
Aegis ♥️
Aegis
Aegis.
I like the auto backup feature (encrypted) . Then the backup is synced to computer via Syncthing.
Set and forget setup.
load more comments
(1 replies)
Bitwarden
I'm a little concerned about having OTP and passwords together in one system.
load more comments
(3 replies)
load more comments
(10 replies)
I've been using Aegis for several years now without any problems. It replaced the Google Authenticator seamlessly.
Aegis
Bitwarden Authenticator because Bitwarden seems to have a good reputation. I don't use their password manager, though.
It does seem faintly insecure that it displays all of the codes at once on one page, but I'm having trouble imagining a scenario where it's actually a problem.
Enteauth
Proton Authenticator. Has both Desktop and Mobile apps. Free. Don't have to sync to Proton.
2FAS Authentication
Yubikey. I dont want to trust my phone, so I use some separate hardware instead
1password
Definitely this, especially if you'll be sharing with a non techie. My wife was able to pick 1password up and use it immediately and she normally turns her nose up at any of my recommendations.
For the 1password accounts 2FA, use a yubikey or aegis. Everything else to 1 password.
Aegis seems like a pretty good 2FA app on Android from what I’ve heard. Personally, I use Ente Auth as sync is very helpful when I don’t have my phone nearby (you can either use the desktop app or use your browser, both work). Don’t think you can self-host sync, though I might be wrong. Ente Auth also works without sync, so there’s that.
I would not suggest using a password manager’s 2FA integration (e.g. Bitwarden, I think Proton Pass has one if you use that?) as it kind of defeats the point of 2FA, since if someone got access to your password manager, they would also get the 2FA codes.
Vaultwardwn/bitwarden + a yubikey for bitwarden itself and a few others
keepassxc and a yubikey. And syncthing to keep all devices in sync
I use Aegis, automatically backed up every time a new key is added. Was using Authy for a while, but they're going down the enshittification hole, so I dumped them.
Yubikeys. I have 2 of them and both have the same entries in case one breaks.
Authenticator and Authenticator.
Damn thoe innovative tech companies, what will they think of next.
I use Proton Authenticator on an iPhone without an account and I am satisfied
Yubikey for 2Fa codes also works well for sudo and su (2Fa) or if you still use Windows I think it supports single sign on there. Absolutely worth the purchase have had my keys for years.
load more comments
(7 replies)
Bitwarden as Vaultwarden enables TOTP.
FreeOTP/FreeOTP+
depending on your goal for this (real 2fa vs just simulated) you shouldn't have sync in the first place.
you could also look into security keys (hardware solution, webauthn/FIDO2) as an alternative that has strong security with good user experience (no typing anymore), but they're not as widely accepted.
Adding to the Aegis chorus.
I also use Proton Pass for some sites that aren't as critical for me / don't have a bunch of PII. It's easy.
I use bitwaarden and stratum since it has a wearos app as well and it's nice to use that for 2fa codes
load more comments
(2 replies)
What you mean syncing with Gnome app?
Yubikey. It supports TOTP as well as passkeys. Plus is a physical device separate from my phone. Recommend getting 2 to have 1 as backup
I personally use Ente Auth and quite like it, don't use syncing and save an encrypted copy to my PC. I really like that you can see what the next code will be.
view more: next ›