by th3zero 3284 days ago
Just to make sure no one gets the wrong impression: You should store your TOTP keys in a different KDBX file, locked with a different master password, and maybe even used on a different device/PC.

We all know that you shouldn't store your password along with TOTP secrets, or should I make a blog post explaining this?

2 comments

I store them in the same password safe for quite a simple reason; more convenient and less complexity.

I personally see TOTP only as a security against phishing and password stealing attacks. I don't see how a separate database for TOTP secrets improves on that in any way.

The thing is, a KeePass password is (usually, looking at your password requirements, PayPal) fairly secure in and of itself: long, random, and containing all the good characters.

TOTP is mainly useful when you have weak passwords and enter them into the wrong place, something that Keepass (especially with the Browser Extension) fully prevents. It's just for show and some extra padding.

Though I do use U2F anywhere I can.

>We all know that you shouldn't store your password along with TOTP secrets

https://xkcd.com/1053/