Y2K38@lemmy.one to Privacy Guides@lemmy.oneEnglish · 10 months agoBVG out here recommending the best 2FA Apps!lemmy.oneimagemessage-square56fedilinkarrow-up1351arrow-down10file-textcross-posted to: privacy@lemmy.ml
arrow-up1351arrow-down1imageBVG out here recommending the best 2FA Apps!lemmy.oneY2K38@lemmy.one to Privacy Guides@lemmy.oneEnglish · 10 months agomessage-square56fedilinkfile-textcross-posted to: privacy@lemmy.ml
minus-squarePracticalParrot@discuss.tchncs.delinkfedilinkEnglisharrow-up35·10 months agoI do this. I want to point out it is absolutely TERRIBLE for security. It’s turning 2 factor back into 1 factor authentication.
minus-squarekniescherz@feddit.delinkfedilinkEnglisharrow-up14·10 months agoI would argue its more like a 1.5 factor. Not secure when your bitwarden gets compromised. But more security for stolen, leaked, phised passwords. I currently have 60 OTPs in Bitwarden, I probably would not have activated 2FA on so many sites without BW.
minus-squaregoodhunter@lemm.eelinkfedilinkEnglisharrow-up10·10 months agoConsider your threat model. You could use a yubikey for Bitwarden log in.
minus-squarehswolf@lemmy.worldlinkfedilinkEnglisharrow-up2·10 months agoyeah, while I understand that, it’s not every time I have both my phone and computer together at the same time using a standalone OTP on either one of them would make the opposite a pain in the ass to use I take a lot of precautions with my main vault password, even got a biometric reader so I don’t have to type the password that much
minus-squarePracticalParrot@discuss.tchncs.delinkfedilinkEnglisharrow-up2·10 months agoYou’re absolutely right. It’s all about your threat model, how much convenience you’re willing to lose and what not. I absolutely should do more to minimize potential risk, but it’s really so convenient to just… Have it all in 1 place…
I do this. I want to point out it is absolutely TERRIBLE for security. It’s turning 2 factor back into 1 factor authentication.
I would argue its more like a 1.5 factor. Not secure when your bitwarden gets compromised. But more security for stolen, leaked, phised passwords.
I currently have 60 OTPs in Bitwarden, I probably would not have activated 2FA on so many sites without BW.
Consider your threat model. You could use a yubikey for Bitwarden log in.
yeah, while I understand that, it’s not every time I have both my phone and computer together at the same time
using a standalone OTP on either one of them would make the opposite a pain in the ass to use
I take a lot of precautions with my main vault password, even got a biometric reader so I don’t have to type the password that much
You’re absolutely right. It’s all about your threat model, how much convenience you’re willing to lose and what not.
I absolutely should do more to minimize potential risk, but it’s really so convenient to just… Have it all in 1 place…