Practical privacy and simple cybersecurity.
TheNewOil.org

iOS 2FA Apps Review 2021 (or Raivo OTP: The Only iOS 2FA App Worth Recommending in 2021)

Software two-factor apps are a funny thing. They all kind of do the same thing. Having said that, I managed to find one that shines above all the others for iOS: Raivo. So this week, I’ll review that and explain why I recommend it.

2FA: What to Use?

First off, let me remind all my readers that if you’re using SMS two-factor authentication, you need to stop. Go check your account right now and see if you have a better option. In some cases you don’t, and in those cases SMS is better than nothing. But the vast majority of sites these days offer app-based or even hardware-based two-factor, and if the site you’re using does you should use that without a second thought. In a perfect world, hardware 2FA is ideal, but this isn’t always feasible for everyone. For example, you may not have the spare USB space, or the token you want may not be something you can leave plugged in 24/7 meaning you might forget it. Most people don’t forget their phones, so for most people a software 2FA app is the sweet spot.

Why Raivo?

As I said before, there’s a ton of two-factor apps out there and most of them are very similar. In some ways, that makes picking the right one easy. While I have three criteria that apply to iOS 2FA apps, we only need two to really isolate Raivo as the best choice. First, we want something open source. I’ve preached time and time again on why open source is superior even if it’s not perfect. That automatically rules out a ton of apps. Second, Raivo offers local backups without using Apple’s built-in backup feature. A few years ago, my at-the-time 2FA app crashed while I was attempting to add a new account, and it wouldn’t open back up, meaning I had lost all my 2FA codes. For the most part I was able to get these reset, but in a couple cases I was unable to meaning I lost those accounts forever. As such, backups are very important to me now and I want everyone to have that feature. Thus, the only winner left standing: Raivo. (The third criteria, for those who care, is to be actively maintained. Raivo was last updated last month as I write this, so it is maintained.)

The Good

One thing that sets Raivo apart in my opinion was the wealth of icons in the library. Rather than phoning home to pull a Favicon or picking a predetermined icon for you, Raivo appears to respect your privacy by letting you pick an icon. This is actually even more helpful because some sites have multiple icons, and sometimes you have to have multiple accounts. For example, I have a personal Gmail account (I’ve had it for almost ten years and it’s in my real name, so even though I don’t use it I keep it just in case) AND a work email that’s managed by Google, so I can assign them each different Google icons to help me more easily keep track of them. They even have a pretty extensive library of icons for popular privacy respecting services like Proton, Brave, Cryptomater, Mastodon, SimpleLogin, and more. Another cool feature is that your vault is password-protected, so that can give you a second layer of security for your accounts by making a password or PIN that’s separate from your phone’s login PIN or password.

The Bad

Personally my biggest complaint is the fact that the password protection is mandatory. I have the mentality that if my phone has been unlocked, I’m already in trouble and using different passwords for different apps will probably not do me any significant good at that point, so the password lock is more inconvenient to me than helpful. There’s also some privacy services that I’m a little surprised not to see present, like CTemplar. But other than that I honestly don’t really have any complaints. It’s a nice-looking app that works great and I’ve yet to have any issues with it.

Conclusion

I don’t have much to say this week. As I’ve said, 2FA apps are all pretty similar. The main thing that really sets Raivo apart for iOS is the backup feature, but as I said that’s not the only thing. The password-protection and icon selection also make for a pleasant experience that makes it very user-friendly. If you’re an iOS user, I strongly encourage you to check it out if for no other reason than that you can make those backups. Learn from my mistakes.

You can download Raivo for free in the Apple App Store here.

Tech changes fast, so be sure to check TheNewOil.org for the latest recommendations on tools, services, settings, and more. You can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...