I use KeePassXC and store my passwords and TOTP in there. I do also use a YubiKey 5 to lockdown my KeePassXC database. So my TOTP and passwords inside are protected by the master password and a YubiKey. I only have the necessary accounts, so only one is secured by TOTP. The rest either don’t support 2FA, use SMS 2FA or they support hardware keys.
I guess the best practice would be to separate them, but I am not going to do that only for one TOTP code.
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Do you secure your Ente Auth by 2FA? | 2 | 547 | May 7, 2025 | |
| Where do you store 2FA tokens? (Not hardware keys!) | 17 | 1234 | February 25, 2024 | |
| Those of you using hardware security keys (e.g. yubikey) , which accounts (or if that is too personal, how many accounts) do you use them for? | 16 | 1271 | December 18, 2023 | |
| Should I use my password manager for storing TOTP codes? | 24 | 5848 | January 13, 2024 | |
| Is Yubico Authenticator a valid option for 2FA codes when FIDO2 isn't supported? | 2 | 238 | October 12, 2025 |
Massive organizations are monitoring your online activities. Privacy Guides is your central privacy and security resource to protect yourself online.
Privacy Guides is a non-profit, socially motivated website that provides information for protecting your data security and privacy.
We do not make money from recommending certain products, and we do not use affiliate links.