[shurcooL]

Good point, it is a problem.

I'm aware of two options:

- either you spend the time manually trying to going to all places where you use multi factor auth and perform "transfer device" process, which is hard and painful the more services you have,

- or you save backups of the original source elsewhere, basically invalidating the security advantage multi factor offers you.

[aftbit]

The second option isn't so bad as long as those backups are kept offline and physically secure. For example, with smartcards, it's common advice to generate keys on an offline machine and copy them (encrypted if you want) to a USB stick as well as the smartcard. Then you stick the USB stick in your safe. If your smartcard dies, you can load them onto another card.