@sir Gitlab has a nice approach regarding this. They offer recovery from SSH with a custom command line utility which generate new recovery codes.

docs.gitlab.com/ee/user/profil

@sir having had lost 2fa codes a few times i've decided to give up on 2fa. i use strong passwords instead

@sir I use a app that allows backup, such as andOTP, and backup my encrypted TOTP database anytime I change it (add/remove entries). Cool to see other methods Sourcehut uses though to verify. The SSH signed messages method is clever!

@Antacon @sir don't they all provide recovery code already in case you lost totp?
Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!