• ERROR: Earth.exe has crashed@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 day ago

    Currently having problems with GMail I lost my old phone (2fA)

    Yea this is exactly why I don’t use 2FA

    If the password is like 64 characters randomly generated by Keepass, the 2FA doesn’t matter.

    • Blaat1234@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      18 hours ago

      You can still accidentally leak your password via phishing or malware. 2FA is fine if you don’t tie it to a phone number, simplest way: install any authenticator app for TOTP tokens. Scan the QR code on multiple devices like phone + tablet, or old phone, for redundancy. Or save the secret key.

      Google and most critical services also give you a list of 10 single use emergency codes that you should print or save in Keepass - lost the phone? Nbd just use one of the codes and reset 2FA.

      I also never thought my non shared password would be public but one day I suddenly got prompted on the authenticator if I wanted to login; still no idea how or why but at least no one could get in and immediately rotated out the password.

    • ArcaneSlime@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      4
      ·
      1 day ago

      This is what I do as well. A few services force 2fa though and also have 0 good options (let me use my flipper as a u2f through not chrome, ungoogled-chromium works, but damn), and for those I’m forced to use text.

      While I’m here, anyone have a good chrome based browser that is private and can use serial ports for flashing meshtastic devices and u2f? Need android mainly because I have ungoogled-chromium on linux, but will take recs for linux too if there’s a better one.