hello
I have used YubiKeys for sometime, and I am transitioning to NitroKeys - hence the comparisons.
i have setup a TOTP with the Linux Application - NitroKey App v 2.3.3
However, I am not able to find a way to access the TOTP with Android
Could you please provide a link to the documentation on this topic ?
Thanks,
Hey , unfortunately there is currently no app which is built for nitrokey 3 totp for android right now.
I was looking for a similar use case as the yubikey counterpart has a nice app for totp.And even the password manager hopefully.
But sadly as far i am aware from the developers their is no plan to build such app on their roadmap.
Though its not a big bummer right now. I already use bitwarden for totp stuff.
Also more services are now implementing passkeys on their websites so nitrokey fido features should be useful
I am not sure how yubikey is implementing it right now and if the totp secrets are exported into the mobile app.
If you are storing totp secrets on the yubikey device , exporting it into a app doesn’t makes much sense and only the codes should he shown which is the case for nitrokey app 2.
@kevin - thanks for the clarification
I don’t believe yubikey copies anything into the applications
the applications simply read the info held on the yubikeys - hence it is required to have them physically connected to the phone/laptop/devide
While the option of reading TOTP on android does not exist
NitroKey linux app does offer the option of reading and storing these TOTP codes
it seems to be missing user-case
Does anyone else finds necessary to read these TOTP on an android phone ?
Most often TOTP are used as secondary factors, e.g. supplementing a password. The design allows to set up the same TOTP secret on multiple devices. On Android there are quite a few established applications to store TOTP.
I think for most use cases the flexibility to use one device (NK) or another (Android) for the secondary factor suffices, also you gain a backup of the TOTP. This may be different when you mainly use TOTP as secondary factors for secrets already stored on your Android phone, but most services indeed offer other fido2 alternatives. These may then be more useful choices, because they can offer stronger authentication than TOTP per design.
