PRIVACYSTEPS HOME
Authentification
2fa
Passwords
Devices
Computer
Mobile
Email
Network
Payment
Social media
ANONYMOUS USER
STATISTICS LOGIN REGISTER

Browsing as anonymous user

Your progress is saved locally. Create an account for cloud sync and permanent storage.

Authentification > 2Fa

Progress: 0/6

0%

What is 2fa

2fa is as it's named a second factor of authentification. One to be used after the first one, your password, for more security.

Remove insesecure 2fa from your accounts

Not all 2fa is equal. Some 2fa methods could even make your accounts less secure.

That's why we recommend you don't use sms or call 2fa as those could be easily compromised by sim swapping. We also recommend you do not add any real information to your password hints as those could be found easily found.

I removed insecure 2fa methods from my accounts. easy

Enable 2fa for every account possible

Now that you removed insecure 2fa methods, you should enable secure 2fa methods for every account possible. The most secure 2fa methods are hardware security keys and TOTP codes. If you don't have a hardware security key, you can use an app like Aegis for TOTP codes.

I enabled 2fa for every account possible. easy

Keep a backup of your 2fa

It's important to keep a backup of your 2fa codes in case you lose access to your primary 2fa method. As this backup is sensitive it should always be kept encrypted.

I backed up my 2fa codes. easy

Do not use your password manager for TOTP codes

While still better than not having TOTP 2fa enabled, using your password manager for TOTP codes put all of your eggs in one basket. If your password manager is compromised, your account will be fully compromised too.

That's why we recommend you use a specific app or hardware for TOTP codes. We recommend using an app like Aegis or your hardware security key if it supports TOTP codes.

I use a specific app / hardware for TOTP codes. medium

Use a Hardware Security Key

The best 2fa method is to use a hardware security key. It protects your account and can only be compromised if you are physically attacked. It is also immune to phishing and social engineering attacks.

We reccommend using a hardware security key like a Yubikey.

I use a hardware security key for 2fa. medium

I have a backup of my hardware security key

The only drawback of hardware security keys is that you can't backup this key and lose access to your accounts if you physically lose it.

This is why you should always have a second hardware security key with you and for your most important accounts a third one stored in a safe place. The issue is that you need to register each one of them on new accounts so you need to store them in different places but also have them accessible to register new accounts.

I have a backup of my hardware security key. medium