It was one of the easiest to setup and it works flawlessly. I’m a bit paranoid about losing my data even with the backups… Any recommendation?

  • danA
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    It’s still a better idea to use a hardware key

    I’m looking forward to more sites supporting Webauthn / FIDO2 one day. Many companies are moving this way for internal systems, since TOTP is vulnerable to social engineering attacks (eg an attacker calls and says they’re from IT support and need a TOTP code for security purposes).

    You don’t always need a hardware key though, I don’t think. At my workplace we use Yubikeys with a certificate stored on them, but on my phone (Galaxy S22) I can use my fingerprint to authenticate. I don’t know a lot about it.