After everything that has happened with Raivo over the last few days it’s reminded me that I need to go through my accounts with 2FA enabled.

However, how do others keep things organised? My main 2FA app is Proton Pass but I’ll be adding Ente Auth as a backup alongside my Yubikey. In the past I saved a copy of the QR codes when setting up 2FA but I’d occasionally forget to save new ones.

Does anyone have a good system for saving either the QR code or setup code (not actually sure what it’s called) for future use?

EDIT: the code I’m referring to is the initial secret code used to setup the 2FA

Final Edit: I’ve settled on saving the QR codes into a folder that is setup as a git repo.

    • UID_Zero@infosec.pub
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      Same, but my seeds are stored in a separate vault from my passwords. Seems like having MFA and passwords in the same place defeats the purpose. I used to let keepassxc auto fill MFA tokens, but finally changed to a separate app.

  • mcmodknower@programming.dev
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    I have the backup codes for the accounts on paper. This is not the same as the initialization qr codes, but it should also work.