Where should I put the 2FA recovery code for my password manager?
So I have all my passwords, TOTP backup codes, and account recovery codes in my password manager (Bitwarden). In turn, Bitwarden is secured with a master password and TOTP 2FA. I have a recovery code for the 2FA in the event that I can't get to andOTP anymore (2FA app). The thing is, where do I put that code? I can't put it in a note app or anything, because if I'm locked out of Bitwarden, I don't have my passwords. Do you see my problem? I was thinking about physically writing it down, but that makes me nervous because I might lose it. Are there any good solutions to this problem?
That's the right thing to do, you just have to put it somewhere that you won't lose it.
I have two copies written down. One is hidden in my house, and the other is in my safety deposit box for the worst case (house burning down or something similar).
I guess I could put it in the safe in my house. It's supposed to be fireproof (or at least resistant).
As Bruce Schneier might recommend, write it down and put a copy in your wallet: https://www.schneier.com/blog/archives/2005/06/write_down_your.html
You may also want to keep an additional copy "off-site" outside your home in case something happens to your home.
If you have an old email account you still know the credentials to, store it in a draft. Otherwise, I'd be tempted to create a new email with a dead easy-to-remember password, no 2FA, and store it there.