I can recommend Aegis as well.

As far as I'm aware of there is no data exchange between google and your 2FA app. Usually you get a key (QR code or cipher) and add it to your app. Done. The 2FA code is generated locally on your device without any connection to google.

Any TOTP application you like will work. Just choose the "google authenticator app" option -- in reality it works with ANY authenticator.

I am using Aegis Authenticator for TOTP 2fa :-)

[deleted] Some questions, please:

(My situation: I have a proton mail account, and still have gmail account which I want to access from my GOS P7, a windows laptop, and a Linux laptop.)

Presuming you have a gmail account and that you access it from multiple devices, and each device is using proton pass:

  1. How did you configure gmail? (e.g. indicate "google authenticator" for GOS, then use PP on GOS, and extensions on firefox and/or windows laptop?)
  2. Does Proton Mail coordinate the various uses of Proton Pass?
  3. Was your first use of PP and 2fa on your GOS Phone?
    TIA

    p338k Yubikey is nice. It is disappointing that Android has poor support for them.

    You can use your phone itself as a 2FA key. Use your phone's built-in security key

    Generally: Always have backups for 2FA. I have YubiKeys, SoloKeys, NitroKeys and OnlyKeys + andOTP (TOTP App) & gpg encrypted backup. YubiKey is proprietary, everything else is open source.
    I use my hardware Pin protected OnlyKeys the most. For PW, 2FA and FIDO2 SSH keys.

        a month later

        Yubikey is proprietary and their firmware cannot be upgraded. So you need to buy a new one if you need more features or a security fix.

        gonzalo Solokeys1 works with pixels?

        Neither SoloKey1 nor SomuTiny. Pixel has a Titan Security Key built in. The link above explains how you can use it to log in to Google.
        Although you can use an Onlykey-DUO on phones, I prefer OTP apps on Android.
        andOTP (unfortunately discontinued, but can do OpenPGP-encrypted backups) Aegis can import the entries of andOTP & lots of other authenticators.

        If you use 2FA you need an OTP app and hardware sec key(s) anyway.