Comment on Current account recovery best practices?
youngGoku@lemmy.world 5 months agoKeepass db doesn’t use email 2fa, its just a file you store on your device
Comment on Current account recovery best practices?
youngGoku@lemmy.world 5 months agoKeepass db doesn’t use email 2fa, its just a file you store on your device
Darkassassin07@lemmy.ca 5 months ago
That’s still gaining access through a device that’s already signed in/has your password db.
If you do not have access to a device that’s already signed into your accounts/has a copy of your password db; how do get in?
Presumably you’re smart enough to not have password only auth on a public facing nextcloud instance if it stores your password db…
This is the scenario we are discussing. The fact you store you db on other devices is entirely irrelevant.
youngGoku@lemmy.world 5 months ago
My nextcloud instance uses fail2ban and I use a >32bit strong password.
Assuming I lose my phone and my laptop and my personal computer and my nextcloud instance I would be screwed.
Since I host my own mailserver I would be able to create a new mailserver with a new password though and recover any accounts with a new email.