-
Notifications
You must be signed in to change notification settings - Fork 1
Home
Welcome to the javascript-vipaccess wiki!
javascript-vipaccess should work with any TOTP client, including software and hardware:
Google Authenticator App
https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2
Authy
https://play.google.com/store/apps/details?id=com.authy.authy
Yubikey Neo
https://www.yubico.comb/products/yubikey-hardware/yubikey-neo/
A physical Yubikey Neo stores your secret keys safely off of your phone until needed, so it is a magnitude safer than any mobile app-only solution that can be remotly hacked to steel your keys. The Neo works with a Yubico NFC mobile app to provide the key for TOTP use cases.
I've been using Yubikey Neo for a year with gmail, github, Etrade, and Lastpass on my android phones, tablets, and windows workstations without a single issue.
FYI, the most secure logins, including google and github, dont use TOTP. They use the Neo's FIDO Alliance Universal 2nd Factor (U2F) protocol. The U2F secret key never leaves the Neo hardware. Neo supports both U2F and TOTP so it is the best safest single-solution that works across platforms, in my opinion.