Hacker News new | past | comments | ask | show | jobs | submit login

You don't need your phone. You need access to your email account. This is described in the article.



Like numerous others, my email account password and 2FA codes are in Bitwarden.


I dont understand why people do this - those “bedrock” accounts like bank accounts shouldnt be in your password manager in my opinion.

At the very least split your providers - no one manager has all my passwords and 2FA codes.


Because for security (!), I use a very strong and difficult to memorize password, with no backstop if I forget it. I only want to memorize one of those.


why is this safer than requiring 2 master passwords. at the end an email account is accessible via a password.


Hopefully your email also requires 2FA :)

Even without, accidentally getting one password leaked is a lot more likely than two. For whatever reason, shoulder peeking, keylogger, wrong input field, brute forced, and so on.


yeah so 2 passwords would do the same trick then?

In my mind the email is the second worst 2FA since it's used for registering everywhere on the web and more prone to be compromised. Phone number is the worst.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: