by alt227 510 days ago
> Bitwarden itself recommends printing out a recovery code and storing it in a safe, but what happens if you lose access to that safe?

I feel like your own creativity is limiting you here. There are lots of options to store those backup codes. Including giving them to multiple relatives to keep in a safe place so you can call and ask for it, creating a dedicated email account with no 2fa and email the code there, leave yourself a saved answerphone message with it on so you can dial in and listen, write it in the important info section of your passport so you always have it abroad etc etc...


It's great that recovery codes exist, but the security model can't rely on them. Unused email accounts get deleted, yubikeys get lost or reset, relatives lose documents, passports get renewed, house fires and car accidents happen, time passes, etc.

Any critical procedure needs to be exercised regularly to ensure it's still working. Normal people don't do that with recovery codes.

All of these things can be mitigated by a little care and attention by yourself.

What you are really saying is you want a way to be able to recover your account that's easy, quick, and you don't need to think about it. Unfortunately strong security will never be any of those things.

Any concept of "strong security" that doesn't consider losing access to be a security issue is, at best, amateur.

If a state actor can't access your email, but you also can't access your email (and receive notices of login attempts, password reset attempts, server intrusions, etc.), then you absolutely do not have a good security posture.

It doesn't matter how you want to describe it, keeping recovery keys available is an ongoing maintenance burden that most people aren't going to do perfectly. It's not appropriate to blame users for reasonably foreseeable problems with a fragile system and lock them out of their bank passwords.
> creating a dedicated email account with no 2fa and email the code there

Of course, that account could also decide to implement mandatory 2FA. Could even be unannounced, just "This login is suspicious, we sent a message to your recovery email to confirm this login"