Ancestors

Toot

Written by scribe on 2025-01-16 at 14:22

If you use 2FA and a password manager for logins, do you keep the two separate, or do you use your manager's 2FA functionality?

[#]security #poll

=> More informations about this toot | More toots from scribe@mastodon.sdf.org

Descendants

Written by Chris-Evelyn on 2025-01-16 at 14:40

@scribe Depends. Important stuff - separate. (Like everything that handles money etc.)

Not so important - password manager. Makes it harder on the attackers but hardly inconveniences me.

=> More informations about this toot | More toots from chris_evelyn@troet.cafe

Written by dragonfrog on 2025-01-16 at 14:59

@scribe I use pwsafe for its simplicity, open sourceitude, availability on all the OS's I use, and non-reliance on cloud anything - but it's just a password manager, not an MFA software. (I do sync the password database file over a cloud service, but it's not a dependency)

=> More informations about this toot | More toots from dragonfrog@mastodon.sdf.org

Written by Lukas on 2025-01-16 at 15:01

@scribe for me it is ok to leave the tokens in the same place IF 2fa is required to login to your password manager.

I am using a hardware token for the job

=> More informations about this toot | More toots from lm@diaspodon.fr

Written by marcusb on 2025-01-16 at 16:39

@scribe I mostly use my password manager's 2FA for random web stuff, but I use hardware tokens for anything even remotely valuable. I wrote about my hardware token setup on my blog (https://marcusb.org/posts/2024/03/consolidated-guide-to-using-yubikeys-with-linux/)

=> More informations about this toot | More toots from marcusb@mastodon.sdf.org