Hacker News new | past | comments | ask | show | jobs | submit login

So what do you do when your phone falls down and breaks?



Account recovery codes & other means of backup authentication until I can generate new MFA tokens. It's really not a big deal, whereas it looks like the next big cloud hack will be.


I take my previous phone out of its drawer. Or my tablet.


Very funny. But how do you login into things without the otp seed?


Use another device with _another_ seed (since this is auth factor of ownership you must not share seed between multiple devices just like pki private keys and pgp keys). Or if you don't have backup otp generator then use backup codes.


It's standalone 2FA, not a paswword manager. There's no seed.


Oooooh, you don't understand how google authenticator works!


Try it: it works offline.


It doesn't work from a broken phone.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: