this post was submitted on 08 Jul 2023
23 points (100.0% liked)

Apple

17241 readers
248 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
23
Michael Tsai Blog - Is It Safe to Store Passwords and 2FA Codes Together? (mjtsai.com)
submitted 1 year ago by [email protected] to c/[email protected]
18 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] jollins 8 points 1 year ago

There’s a balance between convenience and security and IMO storing both on 1Password is fine. An attacker getting into your 1PW account would require them having

  • your username

  • and your password (which should be unique to only 1PW)

  • and your secret key

  • or physical device access with your 1PW password or biometric auth credentials

in which case an attacker really wants your stuff, has your device, and you have bigger issues.

I feel like this is similar to saying “is your front door lock strong enough?” when a thief is at your door and really wants to get inside, regardless of level of effort required.