While this is good advice, best practice is to always get your yubikey in pairs and keep them synchronized. One should remain in your home, in a safe place (as you described) while the other should remain on your person or outside the home (e.g. in a safe deposit box)
It’s more of a pain in the ass for sure, but handles the theft scenario more effectively
I’ve never set up 2FA on my google accounts, but knew someone who this happened to which is why I was hesitant to set it up on my own accounts. Didn’t know backing up 2fa was a thing.
deleted by creator
Always download the backup 2fa codes. This is when you need them.
Or buy a yubikey and set it up as a backup MFA on at least your email and password manager, then keep it in a fireproof safe.
While this is good advice, best practice is to always get your yubikey in pairs and keep them synchronized. One should remain in your home, in a safe place (as you described) while the other should remain on your person or outside the home (e.g. in a safe deposit box)
It’s more of a pain in the ass for sure, but handles the theft scenario more effectively
Do you not back up your 2FA when you set them up?
People should need to take a test before they can be on the internet.
I’ve never set up 2FA on my google accounts, but knew someone who this happened to which is why I was hesitant to set it up on my own accounts. Didn’t know backing up 2fa was a thing.
This. So many times. OMG!