by markatto 1510 days ago
I use the "multiple security keys" approach, and the biggest problem is keeping track of which keys are registered with which services and making sure the list is up to date. A few examples of situations where this is a problem:

1) I don't keep all of my keys on my person, so if I want to sign up for a service when I'm not at home, I have to remember to go back and add my other keys at a later time. If I wanted to, for example, keep a backup key in an offsite location such as a safe deposit box, this would be even more painful.

2) If I lose a key, I need to go and change every service to deactivate the lost key and add my replacement key. This is both time-consuming and error-prone, as it requires me to keep a full list of providers that I use keys with somewhere.

3) Some providers do not even allow you to register multiple keys.


The way it’s meant to be done:

1. You register both the primary and the backup key with every identity provider (i.e. GitHub).

2. You only carry the primary key with you at all times. You keep the backup key in a physically safe space (i.e. next to your birth certificate).

3. In case the primary key gets lost, you make the backup key your new primary key. You can log in with it everywhere because you already registered it in step 1.

4. You order a new key which will become your new backup key.

5. Go to step 1.
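The bookkeeping both comments describe (which key is registered where, and what changes when a key is lost) can be checked mechanically. The following is an added example, not code from either commenter: a small inventory audit that flags services missing the backup key or still holding a lost key, plus the step-3/step-4 rotation as a state change. Service names and key ids are constructed sample values.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class KeyInventory:
    """Which physical key plays which role; `lost` holds keys that must be deregistered."""
    primary: str
    backup: str
    lost: frozenset = frozenset()


# Constructed sample data: key ids and the services each key is registered with.
SAMPLE_INVENTORY = KeyInventory(primary="key-A", backup="key-B")
SAMPLE_REGISTRATIONS = {
    "github": {"key-A", "key-B"},
    "email": {"key-A"},            # signed up away from home; backup never added
    "cloud": {"key-A", "key-B"},
}


def audit(inventory, registrations):
    """Return {service: [issues]} for every service whose registrations drift
    from the inventory: a missing primary/backup key, or a lost key still active."""
    findings = {}
    for service, keys in registrations.items():
        issues = []
        for role, key_id in (("primary", inventory.primary), ("backup", inventory.backup)):
            if key_id not in keys:
                issues.append(f"missing {role} key {key_id}")
        for key_id in sorted(keys & inventory.lost):
            issues.append(f"lost key {key_id} still registered")
        if issues:
            findings[service] = issues
    return findings


def rotate_after_loss(inventory, new_key):
    """Steps 3 and 4 above: the backup becomes primary, the newly ordered key
    becomes backup, and the old primary is marked lost so audit() flags it everywhere."""
    return KeyInventory(
        primary=inventory.backup,
        backup=new_key,
        lost=inventory.lost | {inventory.primary},
    )


if __name__ == "__main__":
    print(audit(SAMPLE_INVENTORY, SAMPLE_REGISTRATIONS))
    rotated = rotate_after_loss(SAMPLE_INVENTORY, "key-C")
    print(audit(rotated, SAMPLE_REGISTRATIONS))
```

Running the audit before rotation shows only the service where step 1 was skipped; running it after rotation produces the full to-do list of deregistrations and registrations for the new key.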