I got confused for a second. I thought they added OTP to the Markdown editor that I use[1]. I wonder if the name "Obsidian" is gaining more popularity because of the recent surge in Minecraft's player base.
Obsidian is supposed to be a super tough type of stone (in the Minecraft game, in reality it's like glass, it's brittle and shatters easily, but because of the game everybody thinks Obsidian is tough).
OTP Authenticator implying that it's tough like obsidian makes more sense, than a Markdown Editor.
Of course, this is my opinion and I don't know why either of them called their project Obsidian.
Hi cassianleal, I'm the founder of Obsidian.
The meaning of the statement is that users' data are not stored on some external database nor are transferred (even if temporarly) to any server.
Communication happens only between Obsidian (app) and the iCloud keychain.
I'd love an explanation of that statement: if it uses iCloud, your data are stored on Apple's servers. Your data may be encrypted, but they are definitely being transferred from/to your devices and iCloud, and being stored there.
I don't have a problem with this, I use iCloud for this purpose myself, but I do believe you are correct to call out this statement.
Authy requires a phone number, which you may or may not want to give out, but it also lets that phone number restore backups, so it’s vulnerable to SIM swaps.
Also it’s ugly and super high latency to navigate, but that’s just my opinion.
"but it also lets that phone number restore backups" - is this true? I use Authy and can use a phone number to connect a new device to my account, but to restore access to credentials on the new device I need to enter a passphrase. I don't think there's a way to restore credentials with just a phone number, but will need to check.
Yep, I can add that backups in Obsidian are automatically managed and stored on the iCloud Keychain, hence accessible just by using the app on any device
I haven't been using Authy for years, last time I checked there was no easy way to export data from it (they want to keep you tieeeed!), but hopefully things have changed.
You would only need to edit/export the "secret" and copy/paste it to Obsidian, in case they allow it.
Anecdotal, but, Authy has been very buggy for me lately. Locking up (100% CPU) on my computer and sync across devices sometimes not working.
No specific reason to assume Obsidian is better, but, its annoying enough that it turned Authy from something that seamlessly "just works" into something which I feel like i'm fighting with.
For syncing across multiple devices and being potentially available on the web portal or from the browser extension check out Saas Pass if that’s what you might be interested in.
I'm curious about the "daily backups". Does this mean that if the data is deleted from the Apple Keychain the app has a local copy that can be reverted to?
Hi Kevin, every time you make a change (ie add a new token, delete a token, rename a token) a snapshot is made and saved under the current date.
These snapshots are then stored always in the iCloud Keychian.
Anyway the Apple Keychain retain a local copy on the device, which means that even if in airplane mode Obsidian works by reading the local keychain.
Thanks for clarifying. It seems like this will prevent some issues such as deleting the wrong token howver storing all of your "backups" in the same place as your primary storage (iCloud) is not a good strategy. If anything wiped your keychain it would be propagated to all your devices (unless you leave some on airplane mode) and you are now locked out of your accounts.
Apple Keychain is key-value storage, Obsidian stores tokens and backups under different keys to be able to avoid erroneous overwrites or key corruption.
Obviously if the whole keychain gets corrupted/wiped then there is no way to recover, but I find it unlikely, or at least never heard about it.
[1] https://obsidian.md/