Hacker News new | ask | show | jobs
by nanidin 1152 days ago
The QR code encodes the actual secret data for the TOTP, so backing up the QR code is sufficient.

Screenshot -> Print is one backup method.

Screenshot -> Encrypt -> Save to secure location is another method.
1 comments
daydream 1152 days ago
Does that mean you need to take a new screenshot every time you add a new account?
link
nanidin 1151 days ago
Yes, but for my threat model I avoid 2fa for accounts that don’t really need it so in practice I’m not adding accounts regularly.
link