You can use AEGIS if you want to have local OTP codes generation.
I'm using 2FA from Bubka (https://github.com/Bubka/2FAuth) in a docker and also this app (https://github.com/kslcsdalsadg/2fauth-for-android) we have developed in order to have local (phone) OTP codes generation.
argante Personally I don't recommend to use the same app for passwords and 2FA codes. You know that thing about not putting all your eggs in one basket? ;)
I switched to ente auth a while back and I'm pretty happy with it so far
Authy is basically an online service, so something like Ente Authenticator would make the most sense, IMO.
Since it runs on the same device anyway, there isn't much of a security benefit by splitting things up. So going for convenience wouldn't hurt.
You can also checkout passy (https://github.com/GlitterWare/Passy). It also has local device syncing
cdflasdkesalkjfkdfkjsdajfd Personally I don't recommend to use the same app for passwords and 2FA codes.
As Molasses pointed out, it doesn't really matter as long you have both solutions on the same device. Likewise, if you use the same communication channel for both factors (e.g. the same SSL/TLS session). OTP only protects you more if you use the same password in multiple places and it gets compromised in one place (so use different passwords). So if you really care about security, use asymmetric cryptography-based authentication on an isolated piece of hardware (e.g. Nitrokey).
argante As Molasses pointed out, it doesn't really matter as long you have both solutions on the same device
Yes and no. Where it does provide some benefits is if the app itself would be exploitable, not the entire device. Obviously as always 'it depends' but there are some benefits to not use same app for both.
But personally I use a hardware key for my work accounts bypassing the need to use any kind of authenticator apps. Works like a charm, and I don't really need to worry about the app going rogue/bad/whatever and me not being able to auth.
0xsigsev I've a Yubikey 5 in a drawer for months because I think the number of entries that can be added is too low. What number of entries do you have added?
cdflasdkesalkjfkdfkjsdajfd Less than 10, but there's 100 passkeys you can add to new yubikeys so I doubt youd need that many for now.
Also as I said I use it for work so even if the limit would be lower I don't care. Personal usage is a different matter.
0xsigsev Now I have 55 accounts for which I use 2FA
cdflasdkesalkjfkdfkjsdajfd MFA is something different than passkeys. I don't log using anything but the key, so no user/pass needed to be inputted for. As I said for personal accounts I have a different more standard setup, but I begin to move the ones which I can. But adoption is still very small.
I migrate (manually!) from Authy to Ente. I didn't sign up to anything so my codes are not backed up with anything, especially with no network access.
I tried Aegis but it kind feels less.... comfortable to use?
And in my opinion TOTP should be kept separately from the password -- so in case of the vulnerability like this or the immense leak like that do not expose you to the absolute maximum level.
If that's the FIDO2 / U2F key, that's fantastic. If that's separate device, that's brilliant, but even in the usual case - same device and software-based TOTP - separate app is always better.