Scott Williams 🐧 on Nostr: One tip for #MFA - if you use something like Google Authenticator, etc., for TOTP, ...

One tip for #MFA - if you use something like Google Authenticator, etc., for TOTP, also save your MFA codes to a secure backup, like a npub1m9mnn8cg7rc9m5y80kzvfcpns7qufgqus0r6rkveyfjwxuey5zfs76rl3e (npub1m9m…rl3e) database you store locally on another device. This way if you phone gets lost/stolen/broken, you aren't locked out of all of your MFA accounts. There is nothing server side that can tell how many times you scan the QR code. You can register the same TOTP with Google Ath, Authy, and Keepassxc, and it should all work the same.