Hacker News new | past | comments | ask | show | jobs | submit login

IMO it's good practice to not one's vital 2FA codes held hostage on a service where one's accounts or IP address can be flagged for spam or abusive behavior by automated systems. (This also applies to Google Authenticator, for what it's worth!) Especially in a world where customer service teams are being trimmed wherever possible!

I use 1Password - its UI leaves some things to be desired, and it's not cheap, but it has zero incentive to cancel the account of any paying customer!




Google Authenticator is completely offline isn't it? How are accounts / 2FA material at risk of lockout by using Google Authenticator?


I switched out of Google Authenticator when they updated the app and all my 2FA just went away.

They did fix it with another update, but that was a seriously un-fun few days. Luckily I was just logged in to my AWS account so I could disable the 2FA.


It is, and because of that people regularly lose their vault when switching phones and forgetting to transfer the data.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: