2FA seed backup plan?

curiousAce · March 17, 2024, 7:16am

An SSD (Kingston 2 TB KC3000 plus on 1 TB A2000)
HDD (either current and getting another one so on two)

I have 250 SSD(850 Evo) , 1 TB HDD and 1 TB (WD black fz1003ex or something)and 2 TB SSD Winchesters rn. I plan on getting used HDDs(2x2-3-4 TB), 2 before getting 2 new around 6 TB(but maybe I will get an additional 2 TB SSD due to rising NAND prices and make an external out of the 1 TB a2000 but clone it before), WD purple/Seagate Skyhawk/Toshiba surveillance próbably for storage usage

Having a not SSD-based-pendrive , so on that too

SD card but those are are even easier to lose than a pendrive

Also google asks for phone number , so if the ISP ceases to function it’s mobile Services (like Digi does currently), I will be locked out or limited or it’s just another layer or backup like a backup email or the codes?

Also im fine using Google/Microsoft authenticator too for 2fa seed backup, but I guess I could substitute its cloud backup function with Aegis or any other FOSS 2fa app proton drive/GDrive?

KeepItSimple · March 17, 2024, 12:01pm

Use any 2fa app to generate codes for all sites, that support it. Aegis will do. And it can backup them to encrypted file, which you backup. Or ente Auth, it will save data to cloud, so backups are not needed maybe. When they generate seed phrase they also generate recovery codes, save them encrypted somewhere else, separate from 2fa app and password app is best way.

I am not sure about phone number in google, do you receive code by SMS to login go google? Replace it with 2fa and turn SMS off.

curiousAce · March 17, 2024, 8:22pm

I wanted to try TOTP there maybe will try on a test account, in the process, first thing it asks for a phone number. So no it’s not for sms 2fa but it asks for phone number before top is possible. I have phone autothencation or backup emails

Steam does it same way

Enter auth sounds cool for streamlined experience

So I guess for the recovery keys , encrypted on those internal drives(on 2 atleast , rather 3 plus 1 external) or on paper in a safe or something ( If it’s not like super super long I suppose)

I want to keep it simple of course as it’s easy to maintain , and harder to get lost in

So yeah I might try it with a test account

whoami5 · March 18, 2024, 5:58pm

Aegis also supports automatic cloud backups for password protected vaults.

KeepItSimple · March 18, 2024, 6:36pm

Aegis data is saved with Google backup, which is not very reliable, those backups are often won’t be applied to new phone, etc. Ente data is saved to cloud and could be viewed via web ui, also not a true backup though.

whoami5 · March 19, 2024, 4:07am

Thanks, thought backups were similar to drive backups like whatsapp’s implementation

landordragen · March 19, 2024, 7:41am

I export the seeds manually every Sunday and store the file on physical storage and on cloud.

I also have two auth apps on two separate devices.

curiousAce · March 21, 2024, 11:35am

What’s the best and most foolproof way of handling this? Backups on Winchesters, so SSDs and HDDs? Besides the cloud one

I have rugged phone and next one will be too, so it’s suspectible to software problems or being stolen rather than some accident(but it can happen too but it has some defense for them)

Also I suppose email accounts and some of the important ones? As they require an email from a login anyway

I’m just paranoid that yeah I can get locked out

Topic		Replies	Views
Are there any other viable "suites"? Questions software	1	539	September 30, 2022
STARTING OVER - email, phone number, all apple devices Questions	3	550	March 11, 2024
E2EE cloud storage question Questions	5	653	November 20, 2023
Filen or Mega or Proton Drive Questions	20	2089	January 15, 2024
Backing up data on an increasingly important phone Questions software	2	526	October 2, 2022

2FA seed backup plan?

Related Topics