2FA: Why do I need to keep my backup codes for each platform on paper?
jeanid last edited by
I'm looking into setting up 2-factor authentication for my registered accounts. However, when setting up 2FA, for example on Reddit, you need to write down backup codes in order to regain access to your account in case you lose your smartphone.
I've already read this post.
But the whole point of using password managers (yes, that's another thing) is that you don't have to write down all the passwords you've been using for all your registered accounts, and can still have different passwords for all websites in case a website gets hacked and appears to have stored all passwords in either plaintext/encrypted form (yes, yes, it still happens today). Writing down passwords, keys, codes is really old-school.
So I'm feeling that writing down backup codes for the platforms supporting 2FA is a real step back. In fact you'd have to store these codes written on paper in a safe.
Is there any way I can be sure to regain access to my account that's been set up to use 2FA, when I lose my phone, without having to fall back to silly backup codes I've written down on paper, for each website?
Does this also mean that if you lose your phone and backup codes, you can't access your account at all?
Writing them on paper is one of the simplest approaches, guaranteed to be safe from malware and hardware failure, for the average person. If you have a password manager, usually you can store secure notes too, which can handle backup codes. But if you do that, then attackers who manage to breach your password manager now have everything they need to get into your account. Some 2FA apps like Authy allow syncing and backing up codes across multiple devices, but this also means you've multiplied the weak links.
You don't have to take a single approach for all of your accounts. Perhaps you decide your social media account is not that vital and store the backup code in an online account or sync the 2FA token, while still writing your email backup code on a piece of paper because it's the gateway for every account you have.