What the title says. Before you had to choose either SMS / call via phone or a very clunky code grid.

  • axby
    link
    fedilink
    arrow-up
    1
    ·
    4 months ago

    Thanks, I suspected this (I only see “authenticator app” when I log in on a new device or periodically, but I wasn’t sure.

    Related: for finance related services like Questrade, I’ve stored my TOTP keys on a U2F key, Yubico in my case. Besides the hassle of managing physical keys, is there any drawback to this approach? I’m slightly worried I’ll lose all my keys in a house fire or something, but I assume there’s a recovery option.

    • rinze@infosec.pubOP
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      That I don’t know. I store the TOTP keys into an app on my phone an into a separated KeePass DB that’s different from my regular one. Two copies of that is good enough to let me sleep at night.