OK, so... what I did was set up 2FA by SMS, but I'm not sure I'd describe that as my "preferred" method, it was more an "Oh, I don't have a TOTP app on my phone... I'll just use SMS, that'll do for now."

And I kinda meant to change that at some point... but then I never quite did.

(Also, I have the GH desktop UI thing on one of my laptops, and it must be using some form of "internal" token anyway, since it seemed to just go on working...)

I feel like I ought to be using a TOTP app to access GH (and "things" more generally, I suppose) but never quite got around to it.

Um... so... does anyone have any recommendations for a TOTP app that I can have on my phone, say, and that they think works well?

At work we have physical RSA dongles, and they seem to work well enough, but I can't use that for "personal" stuff of course, and a phone app might be more "convenient" than a separate physical device anyway.

Suggestions?