Y
Hacker News
new
|
ask
|
show
|
jobs
by
pvg
2670 days ago
A better, simpler-sounding plan is to enable better 2FA on your critical accounts. Doesn't this mostly fix your catastrophic scenario?
1 comments
graeme
2670 days ago
Oftentimes 2fa backup codes are slso stored in the password manager.
link
spydum
2670 days ago
Or the password recovery for lost 2fa is secret questions (this is so awful,but see it often). And chances are those secret questions/answers might also be in the vault
link
graeme
2670 days ago
Does anyone have a good solution to these issues for non techncial users? 1password etc + 2fa is great for even not super technical people.
But if it's ever breached I have no idea how you would get clear.
link
pvg
2670 days ago
Sure but that's roughly equivalent to disabling or not having 2fa. You can still avoid the catastrophic scenario by not-doing that.
link