Ron Gilbert (GrumpyGamer)Dear Steam: Use fucking standard 2FA so I can put it into 1password. WTF. Seriously. W.T.F. You made $3b last year. I'm sure you can hire a programmer to do this. It's a solved problem.
(rainynight65) has moved@grumpygamer I'm not a fan of keeping my 2FA codes right next to my passwords in 1Password or equivalent. I know it's generally safe - but that just means nobody has breached it *yet*. And *if* someone gets in, they have *everything*. I prefer a degree of separation of my auth factors.
Stuart McHattie 👨🏼💻@rainynight65 you only have two factors if the code generator is never on the same device as your passwords. If you have a second app, cool, but if it’s on your phone alongside 1Password, you have two-step authentication, not two-factor.
The true value of two-step or two-factor is when databases get breached that leak your password. If someone has gotten into your password safe, you’re not going to be saving very much of your online presence, two-factor codes or not.
@sdjmchattie which is why I use a physical second factor wherever it is possible. And something like a Yubikey can also be used to store OTP tokens.