I've done another round of research into Authy and I see what you mean. I was aware that some people don't like Authy because they object in principle to multi-device sync altogether, which I understand but am not willing to live with; I also knew that Twilio had been hacked before. But I hadn't thought so much about the lock-in and the elevated risk for getting locked out if Twilio goes kaput.
So, features that I want in a TOTP app:
* Backup to cloud. If all my devices are lost/destroyed at the same time, I want recovery to be possible using information I store offsite.
* Backups not stored to my own iCloud or Google Drive, which are frequently accessed from my own devices.
* Export of codes possible from the installed app so that if the vendor goes away I can migrate.
* Not published by Bitwarden. I'm happy with Bitwarden, but I would prefer that the vendor I use for TOTP be distinct from my password manager vendor.
I've done another round of research into Authy and I see what you mean. I was aware that some people don't like Authy because they object in principle to multi-device sync altogether, which I understand but am not willing to live with; I also knew that Twilio had been hacked before. But I hadn't thought so much about the lock-in and the elevated risk for getting locked out if Twilio goes kaput.
So, features that I want in a TOTP app:
* Backup to cloud. If all my devices are lost/destroyed at the same time, I want recovery to be possible using information I store offsite.
* Backups not stored to my own iCloud or Google Drive, which are frequently accessed from my own devices.
* Export of codes possible from the installed app so that if the vendor goes away I can migrate.
* Not published by Bitwarden. I'm happy with Bitwarden, but I would prefer that the vendor I use for TOTP be distinct from my password manager vendor.