I understand that having a 2fa authenticator in the same password manager is perceived as going back to 1 factor, but is that true?

Ok, if I’m hacked then yes, but if a site gets hacked then I still have my 2fa.

So it’s a trade-off with convenience, I guess? Maybe for some sites only you would like to have a 2fa separated and then the rest is ok?


Discussion

I would say that is a pragmatic approach.

Well, that’s a good point. I think it really depends on where you have this password manager/password database. In case it’s self-hosted/offline, I would say all together would still be ok.

Always keep PW & 2FA separate.

And I disagree. Purism doesn’t help. If it gets too cumbersome, ppl will just not use it and deactivate it. I keep the 2fa of life-destroying accounts on a separate offline store. The game account of my kids can be in the password manager because I prefer them using them with one click instead of not having it at all.

It's not purism. If you want a second factor, have a second factor. If you don't, don't.

Does it improve security by having 2fa in your password manager? It does, as it covers additional cases you would be exposed to otherwise. So, happy to continue disagreeing.