|
|
|
|
|
|
by nsajko
715 days ago
|
|
|
The TLDR describes your method accurately, though. You do store your OTP secrets in a password store. That said, the significance of using two separate password stores isn't clear to me. Under what threat model is that supposed to be an improvement over a single password store? Basically, your idea is that passwords are less essential than OTP secrets, so you take less care keeping them safe. However I think it'd make more sense to just apply proper protection for all secrets. |
|
|