Authy is something I’ve used for the last few years. I recently (within the last year or so) switched from LastPass over to Bitwarden. I did that for many reasons that I will go over in a future article. I still use Authy as my second factor authenticator and I will go over that in this article as well. Without further ado, let’s get into it!
Both Authy and Bitwarden are free to use. Authy, however, does not have a paid subscription. It is completely free, forever, with no ads or gimped features. This is due to the fact it is a really simple software. It displays the tokens you have set up and the accounts you have set up and you can switch between them. There is backup and offline syncing as well.
Bitwarden, on the other hand, has paid pricing starting at $10 a year. The basics are free, you can backup passwords, generate new ones, and it even includes multi-device syncing in the free tier. The biggest advantage of the paid tier for Bitwarden is the fact that you can incorporate TOTP with your passwords in the same application and you can automatically input them into apps that have that set up via mobile and on PC you can copy and paste them.
This is where it gets very different. Authy is very simple. You can see how it looks to the left., it is very simple. I whited out my token in this case but your token would be between the timer and the “SendGrid token is:” words.
Authy does not currently have a dark mode, unfortunately. It does, however, work on my Apple Watch. You can see on the right how it looks. You have your list of available tokens, press on one, and it appears just like it does on the mobile app with your token and the timer.
This is very different from how Bitwarden works. In order to see your tokens, you have to go into the individual login where you have the token set up, edit that login, and then you can see your token code. There isn’t a “tokens” tab within the vault to see your tokens. This can be seen as a good thing for security purposes if someone hacks your master password and is able to see your whole account, though that doesn’t stop them much if they got that far.
I tried out Bitwarden TOTP for a day or two and Twitter is set up to automatically type in the TOTP code from Bitwarden on mobile and it works well but it is only on some applications. With the ones I have used (different mail apps, websties, etc.) which you can see most of them in that Authy screenshot above, only Discord & Twitter prefilled the TOTP code. The rest, I had to physically open Bitwarden, find the login (for example, reddit), and then copy the TOTP code and paste it in. Finding the logins can be more difficult in Bitwarden than Authy because Bitwarden may not include the logos like Authy does and then you are looking through a list of text and I find that I am much slower doing it that way.
While it may work for some people and it may be nice having TOTP and passwords all in one app, I prefer having them separate. Not only for extra security but also because I prefer the look of Authy and I find it more clunky (and more expensive) to use Bitwarden.
What do you think? Do you agree? Let me know in the comments!