After everything that has happened with Raivo over the last few days it’s reminded me that I need to go through my accounts with 2FA enabled.

However, how do others keep things organised? My main 2FA app is Proton Pass but I’ll be adding Ente Auth as a backup alongside my Yubikey. In the past I saved a copy of the QR codes when setting up 2FA but I’d occasionally forget to save new ones.

Does anyone have a good system for saving either the QR code or setup code (not actually sure what it’s called) for future use?

EDIT: the code I’m referring to is the initial secret code used to setup the 2FA

Final Edit: I’ve settled on saving the QR codes into a folder that is setup as a git repo.

  • Fake4000
    link
    fedilink
    English
    107 months ago

    I use aegis as my 2fa app. I backup the 2fa seeds in my keepass file.

    • @UID_Zero@infosec.pub
      link
      fedilink
      English
      47 months ago

      Same, but my seeds are stored in a separate vault from my passwords. Seems like having MFA and passwords in the same place defeats the purpose. I used to let keepassxc auto fill MFA tokens, but finally changed to a separate app.