I was just thinking about my password manager and use of 2FA. If I lost my phone or what if I get in some accident and have amnesia and cannot remember my master password. What would I do?
Any thoughts on solutions to the problem of losing your phone or some emergency medical condition?
Removed by mod
Amnesia - I wound not know that I have a password manager. I wound be very screwed. No one else in family even understand what it is. I don’t know what to do about it. At least they know I have a Gmail account. But I don’t use it for logins. Maybe I can regain access to my domain with BankID. I have the password file on phone, server and on my workstation. So I will be fine regarding hardware failure.
Any thoughts on solutions to the problem of losing your phone
Having a backup copy of your password manager on more than one device and location.
I have mine on phone, pc and usb drives.
Single points of failure are always a problem.
Paper backup in my sock drawer.
deleted by creator
https://github.com/jesseduffield/horcrux
Related software. You can split a file up and only need some parts back to encrypt it.
In theory: regular rotated disk backups kept in a safety deposit box.
In reality: a single disk sitting in my dresser that’s super out of date.
I keep my vault password in fireproof containers in two separate off-site locations. And I use BitWarden, which has an emergency access process. I would assume many other vaults do too.
2FA backups are also stored in locations separate from where I have the vault password.
I also backup my vault a few times a year and keep those encrypted in another digital location.
I have my password database synced multiple places and I use two yubikeys (one as a backup) to unlock said password database and for OTP. This protects me from losing access to anything as a result of a lost/broken device.
It doesn’t help in the case of being unable to perform those functions yourself for whatever reason. Perhaps give instructions on how to access all of that to someone trusted?
HDD at work.
Right now I export it periodically to an encrypted flash drive but I know that isn’t sufficient. I run Vaultwarden and back up all my docker volumes hourly and replicate to S3 nightly.
Theoretically I should be able to recover but I need some off those passwords to do so. Ideally local caching or one of my exports should be sufficient but I haven’t had time to actually test this.
I have one time codes for that
