i don't really know how to use 2FA without being terrified i'm going to end up like idiot doom spiral from disco elysium if i lose my phone. i already had my phone factory reset itself one time because i woke up on the wrong side of the bed one day and took 10 attempts to remember my lock screen pattern 🤷♀️
- they/she
- musuwi.neocities.org/
giant rat, unkempt nerdy bimbo, full time female-presenting-peepees drawer
~~~~~~~~~~~
nsfw/fetish art interspersed with big text posts about whatever's on my mind
(adhd posting)
~~~~~~~~~~~
check out my art account 🔞@polyalloys🔞
furaffinity
www.furaffinity.net/user/mu-suwitwitter
x.com/MuSuwiwebsite
musuwi.mom/You must log in to comment.
in reply to @mu-suwi's post:
good 2fa has the ability to involve a hardware token, so that one would have to misplace two things before getting fully locked out. alas, most 2fa isn't good
I felt that way when I first started using 2FA via the old Google Authenticator app and it felt very tied to my phone. Yuck.
On Android, switching to the open-source andOTP gave me more peace of mind because it has automatic backup options you can set up to ensure your 2FA secrets are saved in other places than just that single device. For example you might use Dropbox or (highly recommended) Syncthing to have those backup files copied around to various other devices and accounts of yours. Now it's no longer game over if your one precious mobile device gets lost/destroyed/etc.
Aside from phone 2FA apps, various password managers now incorporate various types of 2FA support. A plugin for KeePass lets it store 2FA secrets and use them to generate login codes on demand, for example. These password managers often have backup systems of their own, which then have the happy effect of creating redundancy that helps keep your 2FA secrets safe in the event of a lost phone or whatever.