Follow

πŸ‘ Don't πŸ‘ sync πŸ‘ MFA πŸ‘ secrets πŸ‘ to πŸ‘ the πŸ‘ cloud πŸ‘

- Don't put them in your password manager, no matter how convenient that may be. In the unlikely event that someone gets into your PW DB you *don't* want to also give them all your MFAs.

- Don't sync them with a third-party app/service, which automatically becomes a priority target.

- And DEFINITELY don't sync them in an already-high-value account, like your Google account.

retool.com/blog/mfa-isnt-mfa/

Personally, I keep my secrets on a pair of Yubikey hardware tokens using the Yubico Authenticator app. I keep one token with me and the other stays locked in a fire safe as a backup.

play.google.com/store/apps/det

what thumb drives were created for....put with your passport/important papers in a locked box πŸ˜‰

@john_b

I do similar. OnlyKey(s), duplicate at lawyers, office safe.

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.