On Fri, Apr 12, 2024 at 09:47:04AM -0700, Adam Williamson wrote: > On Thu, 2024-04-11 at 19:52 -0700, Carlos Rodriguez-Fernandez wrote: > > I was hesitant to have MFA for a while. Imagine losing a phone with tons > > of tokens. What a hassle to recover from that. I found it less than > > ideal for practical reasons. > > This is one reason most systems provide a sheet of one-time backup > codes that you're meant to print out and keep in a safe place, for > recovery from exactly that scenario. > > Alternatively, if you have an old phone or tablet lying around, just > install an MFA app on that and enrol it too, lock it in a cabinet, then > if you ever lose your primary phone, use it to recover. > > Also, these days, most authenticator apps support some kind of backup > mechanism. FreeOTP lets you back up to a file (which you should, of > course, keep somewhere safe and ideally encrypted). Google > Authenticator can backup To The Cloud.
yeah, I'll put in a plug for the one I use: https://github.com/beemdevelopment/Aegis It's open source, available on f-droid and play store, can to encrypted backups, pretty active upstream, highly rated in reviews. kevin
signature.asc
Description: PGP signature
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
