by 8cvor6j844qw_d6 297 days ago
This reminds me of Steve Gibson storing his 2FA seeds by printing them out [1].

> "Steve: So in my drawer I have all of my QR codes printed."

> "Steve: They're in a safe place. And if it ever comes to the point where I need to set up a new authenticator, not a problem. I just scan the QR codes once again, and we're back in business. So the other thing to look for is an authenticator that will allow you to do that because it is nice to have hard copy backup."

---

I'm not sure what TOTP app he's using currently, since this was said 2 years ago [1].

> "Steve: OTP space Auth, and the logo is a simple gray padlock. Very modest logo. And it does all of this correctly."

[1]: https://www.grc.com/sn/sn-921.htm

1 comments

This is actually an interesting idea.

I have my e.g. GitHub recovery codes printed out. I have to assume that the recovery codes are more flexible, but rescanning the original QR code would be better UX in case of loss simply because GitHub is not involved, they're nevertheless wiser.

But the recovery codes are process agnostic. I imagine they work whether you're using TOTP or any other 2FA mechanic. If GitHub deigns to discontinue support for TOTP, then the printed QR code won't be much help.

In the end, however, I have a piece of paper (or other visual artifact) with security information to manage.

I will keep the persistent QR code concept in my bonnet for potential consideration in the future.