by ghaff 1497 days ago
As noted in the article, it's a tough problem. The easier you make account recovery the easier you make attacking those recovery methods.

It so happens that I have a great solution to this tough problem, which has served me well for years.

I have a password manager, protected by a strong, unique, randomly-generated master password that I took the time to commit to memory. I cannot ever lose this password, and as long as I have it, I can get into my vault. As long as I can get into my vault, I have access to my other passwords.

An increasing number of web services have decided this is insecure, and are forcing me to use secondary devices in order to authenticate myself. This does very little to increase my security, while putting me at risk of getting locked out of essential resources.

I'm all for alternate options, but please don't take this setup away from me!