2FA apps being attached to phones increasingly seems like a very bad pattern 😬
Conversation
Replying to
Phones may need to be handed to service or security people, are easily lost
1
13
Show replies
Replying to
Because phones being the sole device in our life carrying non-transferable/not-easy-transferable data is an anti-pattern?
1
Replying to
Yubikey isn't better.
If it comes down to keeping track of my phone or keeping track of my yubikey...
The phone wins.
Replying to
I never trade in my old phones anymore, I just keep them as backup authenticator devices
3
Replying to
I put them into my KeePass password database. (it's still 2fa, you need the DB file and the DB password to get an application password and 2fa code)
Online password managers also store+sync 2fa codes, but I'd only put them in if you can 2fa the online service
Replying to
i lost my phone this summer and was preparing to spend a week trying to get back into all my Authenticator-protected accounts
i (miraculously, after 5 days) got it back, but i’m now hyper aware of how big a pain it could be
Replying to
My phone died and my years old nightmare of a many 2FAs suddenly crying out in terror and then being silenced was only marginally less bad brought to life.
1
Replying to
2FA is also a pain for when trying to use a spouse's account (to be their secretary, etc.)








