[felipelemos]

One could say you shouldn't store the 2FA along with your password.

[smitelli]

Not the parent, but I look at it this way…

Something I have: the database file.

Something I know: the master password to that file.

I figure the sprit of the advice is preserved for the most part. (Doesn’t keep me awake at night, anyway.)

[numpad0]

But 2FA on a phone had been awkwardly okay. Could be because it's just too silly that adversaries can't take it seriously, but it's been okay.