Comment on Current account recovery best practices?
navigatron@beehaw.org 9 months ago
I use a very simple “hashing” algorithm that I can do mentally. If I want to log into a service, I “hash” its name, and that’s my password.
Every service I use has a different password, and I don’t have to remember any of them. I have no keyvault that can be stolen.
MFA is still an issue. You’ll need your recovery codes to be accessible, but encrypted.
mac@infosec.pub 9 months ago
This is pretty clever actually