Hacker News
by tptacek 3426 days ago
I wouldn't personally recommend backing up and restoring 2FA secrets; there's a reason that the printable backup codes you get are one-time-use. But if you're going to do that, don't bother with hardware tokens. I mean, use them if they make you feel cool (I'm not being derisive; there's value in feeling better), but understand that you're effectively turning your hardware token into a software token by doing that.

My point is not that backup and restore is intrinsically evil; it's a legit security/usability tradeoff. I think most people should use software tokens.