Hacker News
by aunterste 1386 days ago
I think that's my point, though: I can easily lose my phone; no harm done if one has the seed values for the TOTPs and they are protected on the phone.

It's not so much asking for 'perfect' security - I agree, that doesn't exist.

But do HW security tokens create a probability of a hard lock-out that outweighs the security/convenience they provide?

1 comments

> But do HW security tokens create a probability of a hard lock-out that outweighs the security/convenience they provide?

If you lose your key, you're locked out --- simple as that.

About the only reasonable way to create a backup is by buying/using/registering multiple keys. But at $40+ each, the cost adds up quickly.

It is hard to beat your phone for overall convenience. My phone is always with me and with my TOTP keys backed up to secure on-line storage, I can easily restore these to another device if/when needed and continue with only a minor hesitation. For most people, this is the most convenient/least expensive/best all around solution IMO.