I don't know if it's just because I am a custom ROM developer and wipe my phones very often, but I personally consider all data on my smart phones ephemeral and need to be backed up somewhere else. This means that 2FA apps like Google Authenticator which basically bind all of my 2FA keys to one single device are no-go for me.

For services that force 2FA, I store all of the 2FA keys using KeePass (KeeWeb has TOTP support). I know this isn't "the correct way" of doing it, but I really cannot trust any of my phones to not lose data in a month or two.

Maybe I should jerry rig together some simple and dumb device that does and only does TOTP.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!