On 8/31/24 18:44, Viktor Dukhovni via mailop wrote:
On Sat, Aug 31, 2024 at 08:16:22AM +0100, Matthew Richardson via mailop wrote:

I also wish to keep accounts/credentials indefinitely, and think I have
concluded that this can be adequately achieved using TOTP as well as unique
email address/password combinations for each account.

TOTP is based on a shared secret which is (depending upon TOTP client)
straightforward to extract and retain securely for the long term.

Does anyone see any flaw in this approach, or in the longevity of TOTP?
The flaw for me is that TOTP involves using phone apps I don't know
the provenance of, that back up the data in a format I don't know
to my "Google Drive", which is the most protected place I'd choose.

KeePass XC (password manager) supports TOTP: 
https://keepassxc.org/docs/KeePassXC_UserGuide#_adding_totp_to_an_entry

Not the best idea security-wise but decent alternative IMO.

If the app I'm using stops being available, I don't currently
have a good recovery plan.  What do you use to keep your TOTP
data safe and sufficiently portable between "devices"?

--
Send unsolicited bulk mail to carl...@at.encryp.ch
