this post was submitted on 10 Jul 2023
20 points (95.5% liked)
Lemmy.world Support
3230 readers
9 users here now
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
You can also DM https://lemmy.world/u/lwreport or email [email protected] (PGP Supported) if you need to reach our directly to the admin team.
Follow us for server news π
Outages π₯
https://status.lemmy.world/
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
While it's possible, I believe it's still best to seperate your passwords and 2FA.
Saving both in one place kinda defeats the purpose of 2FA.
True. PSA: if you want the convenience of something like Authy, but with an open source e2e approach: thereβs Ente Auth. Iβm using it since about a month.
https://github.com/ente-io/auth
yep this is the way
Agreed, don't do this. If your system is compromised, then the moment you unlock your Keepass database, even just once, the attacker now has both your passwords and your TOTP keys and can impersonate you anywhere.
Where I work we are phasing out TOTP in favour of FIDO2 keys, and the ability for users to store TOTP keys in a password database alongside their passwords is one of the key reasons.