Yesterday, I accidentally removed an authenticator app from my phone. Fortunately, I have another copy of the app on a different device. It made me realize how easy it is to lock myself out of my accounts. Do you think it’s a good idea to create a Windows VM with an Android emulator on it and install copies of all my authenticator apps, this will not cause any security issues?
That is the reason why I don’t self host my password manager: my 2FA passwords are in there, very conveniently and independently of any other device. I trust 1Password with that.
Oops. https://www.darkreading.com/remote-workforce/1password-latest-victim-okta-customer-service-breach
So? No customer data got leaked. And even if the vaults would get leaked (which they didn’t), they are 2FA encrypted.
2fa is not encryption.