35
submitted 2 years ago by valkyrie@lemmy.ml to c/asklemmy@lemmy.ml

I was just thinking about my password manager and use of 2FA. If I lost my phone or what if I get in some accident and have amnesia and cannot remember my master password. What would I do?

Any thoughts on solutions to the problem of losing your phone or some emergency medical condition?

top 24 comments
sorted by: hot top controversial new old
[-] EatYouWell@lemmy.world 17 points 2 years ago

Keep it in a fire safe or safe deposit box.

Just follow the 3-2-1 backup rule. 3 copies in 2 different mediums with 1 stored off site.

[-] Extrasvhx9he@lemmy.today 6 points 2 years ago* (last edited 2 years ago)

Also a paper emergency sheet thats been laminated backed up in the same way

[-] SpaceNoodle@lemmy.world 14 points 2 years ago* (last edited 2 years ago)

Similarly, I have a post-it on my monitor

[-] Crackhappy@lemmy.world 5 points 2 years ago

When you type out your password, does it show like when I type my password? ******* is my password, what's yours?

[-] Intheflsun@lemmy.world 9 points 2 years ago
[-] Pyro@programming.dev 1 points 2 years ago

Wow, all I can see is *******, it really works!

[-] Mio@feddit.nu 9 points 2 years ago

Amnesia - I wound not know that I have a password manager. I wound be very screwed. No one else in family even understand what it is. I don't know what to do about it. At least they know I have a Gmail account. But I don't use it for logins. Maybe I can regain access to my domain with BankID. I have the password file on phone, server and on my workstation. So I will be fine regarding hardware failure.

[-] lovesickoyster@lemmy.world 7 points 2 years ago* (last edited 2 years ago)

bitwarden has a cool takeover option which my gf has, in case I would lose access, and vice versa.

[-] SHamblingSHapes@lemmy.one 5 points 2 years ago* (last edited 2 years ago)

I keep my vault password in fireproof containers in two separate off-site locations. And I use BitWarden, which has an emergency access process. I would assume many other vaults do too.

2FA backups are also stored in locations separate from where I have the vault password.

I also backup my vault a few times a year and keep those encrypted in another digital location.

[-] Pons_Aelius@kbin.social 4 points 2 years ago

Any thoughts on solutions to the problem of losing your phone

Having a backup copy of your password manager on more than one device and location.

I have mine on phone, pc and usb drives.

Single points of failure are always a problem.

[-] kuneho@lemmy.world 4 points 2 years ago

either it's emergency, or OP and this post's OP have shared minds: https://lemm.ee/post/16530953

[-] kent_eh@lemmy.ca 4 points 2 years ago

Paper backup in my sock drawer.

[-] Crackhappy@lemmy.world 3 points 2 years ago

I have my master password written on a piece of paper in my desk drawer, but with no references to what it's for. I guess if someone broke into my house, managed to unlock my computer or my phone and also put two and two together that it's my master password, they could get in.

But if something happened to me, that password location is known to my family, and my vault has a backup 2FA to my son's phone.

[-] MangoKangaroo@beehaw.org 3 points 2 years ago

In theory: regular rotated disk backups kept in a safety deposit box.

In reality: a single disk sitting in my dresser that's super out of date.

[-] Salix@sh.itjust.works 2 points 2 years ago

I have my keypass file synced on multiple devices locked with a strong password and a keyfile. So if I lose my phone, I still have access to my file on another device. All of my devices are encrypted too.

[-] MiddledAgedGuy@beehaw.org 2 points 2 years ago

I have my password database synced multiple places and I use two yubikeys (one as a backup) to unlock said password database and for OTP. This protects me from losing access to anything as a result of a lost/broken device.

It doesn't help in the case of being unable to perform those functions yourself for whatever reason. Perhaps give instructions on how to access all of that to someone trusted?

[-] xilliah@beehaw.org 2 points 2 years ago

Encrypt it to a thumb drive and split the password up between people you trust in envelopes.

[-] ShortN0te@lemmy.ml 3 points 2 years ago

https://github.com/jesseduffield/horcrux

Related software. You can split a file up and only need some parts back to encrypt it.

[-] LemmyKnowsBest@lemmy.world 2 points 2 years ago

probably something like that emergency pill that astronauts and pilots are rumored to have. I'd take one of those pills.

[-] Tangent5280@lemmy.world 1 points 2 years ago
[-] LemmyKnowsBest@lemmy.world 2 points 2 years ago

I don't have that inside information.

[-] ada 1 points 2 years ago

I have one time codes for that

[-] Toribor@corndog.social 1 points 2 years ago* (last edited 2 years ago)

Right now I export it periodically to an encrypted flash drive but I know that isn't sufficient. I run Vaultwarden and back up all my docker volumes hourly and replicate to S3 nightly.

Theoretically I should be able to recover but I need some off those passwords to do so. Ideally local caching or one of my exports should be sufficient but I haven't had time to actually test this.

[-] Helix@feddit.de 1 points 2 years ago

HDD at work.

this post was submitted on 30 Nov 2023
35 points (100.0% liked)

Asklemmy

49188 readers
464 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 6 years ago
MODERATORS