Yup, I'm a big Aegis fan. Slick interface, about all the features you could want. I have it set up to export encrypted backup of the database onto a directory of my phone every time the database is changed. Then once a week foldersync backs that directory up to the cloud. Foldersync isn't free (paid version is a few bucks). It's not open source either but I don't worry about that because it only has access to the encrypted data.
Since your an android guy interested in 2FA, I have to mention another really slick app... wearauthn. It basically turns your wear os watch into a hardware key for U2F / FIDO2. If you use hardware key you always need a backup key... so I have two backup Yubikeys, but I don't need to worry about where they are or taking them on the road with me... my watch is always with me.
This is the 2FA App that I'm currently using for my Reddit Account. It's the best 2FA App on the market in my opinion. I just hope that the Backup feature is working. I'm checking it everyday and it says syncing to my Google Drive Account.
Bitwarden has browser extensions and apps so it can be used on any computer and smartphone. You can also access your credentials and TOTP codes (2FA codes) via the Linux terminal.
You can even self-host it if that makes you happy.
"There are also strong reasons not to keep your MFA token with your passwords."
Yes, I think that is a very good point.
Question: In looking at Bitwarden features, there is a row for "Bitwarden Authenticator (TOTP)" and also one for "2FA". And the free version provides 2FA but not TOTP. I guess I'm not up on this enough to know the difference. Can you help me out? Thanks!
We use the 2FA daily for shared access to end user accounts and vendor accounts as most vendors have requested we turn on 2FA and MYKI allows us to create shared access - https://myki.com/features/autofill-2fa
The problem with Steam is that you need to manually extract your accounts "shared secret" before you can enter it into a 3rd party 2FA app like andOTP or Aegis.
We have a short howto in our wiki: https://github.com/andOTP/andOTP/wiki/Shared-secrets#steam
If you want to uninstall the official app after you get the shared secret, please verify that the app you use displays the same code as the official Steam app before you do so!
Based on your comments in this thread, if it were me, I'd probably just use one of the other 2FA services that have backups, but not SMS recovery methods. 2FAS is excellent for one. 2FAS has automated backups through iCloud or Google Drive depending on if you are on iOS or Android.
Microsoft Authenticator has recovery via email, but doesn't really "sync"