Ask HN: What is your doomsday plan for your passwords

The scenario:

1) The phone is lost

2) No other devices

3) No access to identification (wallet lost)

3) You cannot get 2FA codes from any device

Short of putting another phone that can receive 2FA inside of a bank vault, I don’t know what else one can do.

3 points | by ivape 13 hours ago

3 comments

Bender 6 hours ago
I only use KeypassXC. I only browse sites from workstations. The database gets backed up. That backup is replicated and also off site where no icky cloud can touch it. No 2FA involved. Disks use encryption with a long passphrase and no encryption headers. Disks are in lock boxes with biohazard stickers and logos for gain of function viral experiments. There may or may not be cheap pipettes and duct tape included.
embedding-shape 13 hours ago
I have two pieces of identical papers for recovery, stored in a safe at home with code that sits inside my head, and the other is in a safe/locker provided by the bank, that family could open too if needed. Most of my and my families passwords are stored in the password manager, and the way of recovering access to it is what's written on the papers.
[-]
- ivape 13 hours ago
  What kind of personal safe? Never considered that.
  [-]
  - embedding-shape 13 hours ago
    Something similar to this: https://www.sentrysafe.com/product/CHW20201
    Main point is that it's fire-proof and water-proof, and you can bolt it down. I'm not expecting it to protect against high-motivation thiefs, but at least (hopefully) survive the house burning down or being flooded, and you can't just grab it and go.
namegulf 13 hours ago
If service providers work, they should disable 2FA and we rely on our memory, hopefully!