nostr:npub1kkexr9d6lgtmd37tuqgqk2gcas79u95vun6qxd77wm6swt70qjnsek7348 and his scammer interview is now on What Bitcoin Did with nostr:npub14mcddvsjsflnhgw7vxykz0ndfqj0rq04v7cjq5nnc95ftld0pv3shcfrlx https://www.youtube.com/watch?v=NmsAk3kXdz4
They talk about Google Authenticator syncing to your account, and you should disable that. Solid advice, but that'll leave you in shambles if you lose your phone.
To counter this, make a hard copy of the QR codes when you get them and store the hard copy somewhere. You can scan an old Auth QR, or you can scan it on a different phone. Just get an old android with only Authenticator, if you want a live backup.
Yes a secondary/backup device gives a lot of peace of mind .Google Authenticator also makes it easy to duplicate all of your accounts at once to another device.
And you don’t need to sync it to your Google account to do this. It just gives you a series of QR codes to scan with the new device, and then asks if you want to keep or delete them from the original device.
Oh yeah, forgot about that function, that's really neat as well for when you migrate to a new phone and have the old one still available. If I remember correctly, you can make a selection which ones you want to transfer through animated QRs.
I also have the Google Auth of my wife and vice versa, as an emergency backup.
Huh? 99% of 2FA setups include a set of backup codes that you should write down. I'm not sure copying/saving the QR is a great idea... IIRC there's also at-least one 2FA I saw where the precise time you set it up was imporant, i.e. if you re-scanned the QR tomorrow the codes were completely different
