Hacker News new | past | comments | ask | show | jobs | submit login

The QR code encodes the actual secret data for the TOTP, so backing up the QR code is sufficient.

Screenshot -> Print is one backup method.

Screenshot -> Encrypt -> Save to secure location is another method.




Does that mean you need to take a new screenshot every time you add a new account?


Yes, but for my threat model I avoid 2fa for accounts that don’t really need it so in practice I’m not adding accounts regularly.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: