I personally am fine with this.

  • jana@leminal.space
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    Print off your recovery codes and keep them safe. If you want to be extra, hammer them into metal plates like the crypto weirdos do.

    • argv_minus_one@beehaw.org
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Printing recovery codes would require me to either be price gouged by the printer ink cartel or use someone else’s printer, and using someone else’s printer is begging to get my account stolen.

      I have no idea how to hammer things into metal plates, but I’m guessing that’s even more expensive than printer ink.

        • argv_minus_one@beehaw.org
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I can do that with alphanumeric codes, yeah, but can I get alphanumeric codes from GitHub, or is it going to be a QR code? I can’t write down a QR code…

          • faerbit@feddit.de
            link
            fedilink
            arrow-up
            3
            ·
            edit-2
            1 year ago

            QR codes are just an encoding. Just use any half-competent QR code app, and it will give you it’s content, which you can then write down. For the reverse you can use any QR code generator.

                  • jana@leminal.space
                    link
                    fedilink
                    English
                    arrow-up
                    3
                    ·
                    1 year ago

                    Okay, so generally the way it works is you have some app (e.g. Google Authenticator, 1password, Aegis, Bit warden – anything that supports TOTP). When you enable 2FA for a site, it’ll give you a QR code. You scan that with your app and then the app gives you a six digit code that changes every 30 seconds.

                    The QR code is really just an easy way to get a long string of characters into your app, though, and if the QR code doesn’t work there should be an option to see the raw code and manually enter it.

                    You enter that code in once to confirm that you have actually set up the 2FA. Then it will show you a list of recovery codes. It’ll only show you these once; it doesn’t store them anywhere. You need to note them down in whatever way suits you best (I print mine; you could also just write them down). You cannot see these again. The best you can do, if you still have access to your account, is generate new ones (probably by disabling and re-enabling 2FA)

                    Now, whenever you login, you’ll be asked for your authenticator code (much like an SMS). You just open whatever app you used and enter in whatever code it’s currently showing (remember it’s time based).

                    If your authenticator app gets messed up somehow, you can recover it using your recovery codes.