Hacker News new | ask | show | jobs
by lotsofpulp 1204 days ago
I use Strongbox to backup TOTP in Keepass databases.
2 comments
GoblinSlayer 1203 days ago
TOTP is only needed if you use very a weak password, which shouldn't be a thing with keepass.
link
lotsofpulp 1203 days ago
What if your password is leaked from some website’s database or you have a keylogger or someone somehow sees it? Wouldn’t it help then?
link
GoblinSlayer 1203 days ago
Keepass shows passwords as a sequence of masked characters https://keepass.info/screenshots/keepass_2x/main_big.png

If you have a keylogger, it will just steal your TOTP.

link
malfist 1204 days ago
That's good for you, is grandma going to do that?
link
yonixw 1204 days ago
I'm a programmer and when I was told to store backup codes, I saw the site still has a "Forgot Password?" button so I dismissed it as a QUICK way to recovery, Not the ONLY way!

The only one who told me losing backup codes means losing your data forever was my bitcoin wallet. (Ironic)

link