Yesterday, I accidentally removed an authenticator app from my phone. Fortunately, I have another copy of the app on a different device. It made me realize how easy it is to lock myself out of my accounts. Do you think it’s a good idea to create a Windows VM with an Android emulator on it and install copies of all my authenticator apps, this will not cause any security issues?

  • zandadoum@alien.topB
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    why not consolidate your auth apps?

    i use selfhosted vaultwarden (with backups ofc) for everything, except for vaultwarden, which is protected by authy . and authy can be backed up easily

    • -quakeguy-@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Sane MFA apps explicitly disallow their data from being backed up. That would be a massive attack vector if it was possible.

      • guptaxpn@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Which is exceedingly dumb IMHO. Sure it would be a vector, but it’s a vector to something that should be an additional step to username and password. Idk, I use vaultwarden and find myself worrying less about “what if?”. I’m also enabling TOTP far more often now that I can easily add it to my phone and have it sync to other systems.