Hello, On Sun 26 Apr 2020 at 02:36PM +02, Mattia Rizzolo wrote: > On Sun, Apr 26, 2020 at 02:07:54PM +0200, Bernd Zeimetz wrote: >> There are even cli tools that do the same stuff. I'd guess there is at least one on Debian. > > Indeed, after I first lost a phone, and a second one broke, leaving me > with a quite huge pain to recover my accounts, I started using > `oathtool` to manage the TOTP and HOTP codes, which is in Debian, and I > store the secret hash needed to generate the codes with `pass`. > > That said, for the only website where I need HOTP (Ubuntu SSO), I stored > that thing in the HOTP spot of my yubikey, and for everything else they > also support U2F so I likewise use my yubikey for those as well. In such a case, though, haven't you essentially turned it back into one factor authentication (the single factor being your laptop)? -- Sean Whitton
Attachment:
signature.asc
Description: PGP signature