If a proprietary app is better and more robust, I am willing to try it and assess it myself.

  • True true. But the auth apps I’ve seen don’t appear to be secure. So if you lose your phone…

    And I don’t like hw key because I’m afraid I’ll lose it.

    • I have a two-layer system in place:

      1. I use Aegis, I have automatic encrypted backups, and Syncthing to synchronize the backups to my private server. If I need to reconfigure Aegis, I just import the backup.

      2. I have 2FA backup codes as encrypted text files, which are also synced to my server with Syncthing. I have the encryption/decryption software installed on my phone and Windows, so I can use a backup code if I don’t have access to Aegis.

      One issue was I had to write my own apps for Windows and Android for encrypting/decrypting the text files 😃. You can check them on GitHub: https://github.com/mcanyucel/TextCrypt-Windows https://github.com/mcanyucel/textcrypt-android

      They use SHA256 with random IV and random salt. No warranties, though 😅