Rated 4.6 out of 5
4.6 Stars out of 5
- by Tom B, a month agoRated 5 out of 5Original review: I am very wary of an addon that gets access to very sensitive 2FA tokens which has very obfuscated source code. All the code is compressed and base64 encoded to hide what it does. It might be fine.. but I'm not trusting it if it's being packaged like this.
Update: Thank you for your quick and informative response. Security concerns aside, the addon works great and is simple and efficient.
Developer responseposted a month agoThis is false, our code is open source. The published code is not intentionally obfuscated, it has to be packaged with webpack to use npm dependencies. The minified code that is published is able to be reproducibly built with CI. Mozilla has add-on reviewers verify this by building it themselves from source periodically.
https://travis-ci.com/github/Authenticator-Extension/Authenticator/builds/175942292 (artifact is attached to GitHub release)
- by Erdin, Eray, 4 months agoRated 4 out of 5It's a great extension overall but lacks importing from other 2FA apps such as FreeOTP. This requires you to manually copy/paste or type your secret to the extension. It's okay if we have 2 or 3 services that we use 2FA to login but what if we have more? That's why I rate it one star less. However, gotta say it, this extension is still the best you can get and it's best at what it does.