hellodanylo | 3 years ago

> Authenticators are fine, except if you lose a couple of smartphones too close together, or you need a team to access one account.

When you enable TOTP with a service, you can extract the TOTP secret and do all of the above with it -- backup to storage, copy to new devices, distribute to multiple people, etc.

Krisjohn|3 years ago

If the service offers something other than a QR code that you did something with other than just adding into a one-way Authenticator, sure.

I have a couple of TOTPs trapped on crappy apps because I didn't care at the time and can't easily refresh them. However, now I use apps that parse the QR code and store the config in an exportable way.

As we change every damn password in our company LP account, moving it to Bitwarden at the same time, we will implement TOTP MFA wherever we can. If you screenshot the QR code and load it into the account with the app, all the team with access can use it. It's our next best step. (Once the boss gets the new account sorted.)