• HughJanus@lemmy.ml
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    You shouldn’t be using that feature anyway. Keeping your passwords and 2FA in the same place means you only have 1FA.

    • Yote.zip
      link
      fedilink
      English
      arrow-up
      9
      ·
      edit-2
      1 year ago

      It’s mainly a difference in threat model. 2FA within a password manager is still 2FA for concerns of a website login being hacked by remote adversaries, which is the most important problem to solve.

      If you use 2FA within your password manager, you should still lock that outer-most password vault with 2FA from a separate device (like you said), which solves your password vault being hacked by remote adversaries. Optionally, you can then use aggressive idle-locking of your vault on your personal devices, in case they’re stolen physically.