If I lose access to –> MOBILE, LAPTOP, BACKUP_DRIVE
Can I still access my → EMAIL, BITWARDEN, BACKUP, TOTP(aegis)
Deadlock –> bitwarden (verification code to email), backup (password in bitwarden), TOTP(aegis, password in bitwarden)
I drew a table, and there were some scenarios where losing access to some will result in me losing access to everything, particularly because bitwarden sends a verification code to email and totp(aegis) is stored locally with the password inside bitwarden. So unless I still have access to one of laptop or mobile, I won’t be able to recover.
I can remove email verification from bitwarden and move totp inside bitwarden, or I can just move password management & totp to an email provider that offers those services, and then I will only have to remember a single password of my email provider.
I wanted to know how you guys approach this. Or is this something not sharable? Can you provide me some guidelines? What about recovery keys? How do you store them? In general, what approach should I take if I lose access to some or all of my devices (or am I just getting paranoid here)?
I don’t want to side-track into a discussion of password managers, but I don’t use a cloud-based tool. KeePass works fine, and the (single) file that it produces, protected by a memorised long passphrase, can be freely kept even in public places, though it is probably simpler to just send a copy to your spouse or buddy via whatsapp or whatever. If you lose everything he/she sends that back to you and you use your memorised passphrase and all is well.
If you can’t switch, you could back up your bitwarden to keepass at regular intervals, and then the rest of what I said above still works.
I second that! It’s very simple and under a lot of scrutiny. And you can give your spouse or mom or whomever a copy. Just make sure that when using an encrypted disk not to put the backup of the Keepass file on that and then save the encryption password only in the Keepass file. Laugh not. And don’t ask how I know.
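The table from the first post can be checked mechanically. The following is an added example, not code from any poster in this thread: it models the dependencies named there as a graph and lists every combination of lost devices that leaves nothing recoverable. The email and aegis-export rules, the "logged-in session" reading of the devices, and all names are assumptions, marked in the comments.

```python
from itertools import combinations

DEVICES = {"mobile", "laptop", "backup_drive"}

# Each asset lists alternative requirement sets; holding every item of any
# one set unlocks the asset. Device entries stand for an already logged-in
# session on that device.
CURRENT = {
    # From the thread: a new login needs the email verification code.
    "bitwarden": [{"laptop"}, {"mobile"}, {"master_password", "email"}],
    # Assumption (not in the thread): email password in bitwarden, 2FA via TOTP.
    "email": [{"laptop"}, {"mobile"}, {"bitwarden", "totp"}],
    # From the thread: aegis is local, its password is in bitwarden.
    # Assumption: an encrypted aegis export is also kept in the backup.
    "totp": [{"mobile", "bitwarden"}, {"backup", "bitwarden"}],
    # From the thread: the backup password is in bitwarden.
    "backup": [{"backup_drive", "bitwarden"}],
}

def with_fix(rules):
    """The poster's first option: no email verification, TOTP inside bitwarden."""
    fixed = dict(rules)
    fixed["bitwarden"] = [{"master_password"}]
    fixed["totp"] = [{"bitwarden"}]
    return fixed

def recoverable(rules, lost):
    """Fixed-point closure: unlock assets until nothing new becomes reachable."""
    held = (DEVICES - set(lost)) | {"master_password"}  # memorised, never lost
    changed = True
    while changed:
        changed = False
        for asset, options in rules.items():
            if asset not in held and any(req <= held for req in options):
                held.add(asset)
                changed = True
    return held & set(rules)

def deadlocks(rules):
    """Every combination of lost devices after which no asset is reachable."""
    return [lost
            for n in range(1, len(DEVICES) + 1)
            for lost in combinations(sorted(DEVICES), n)
            if not recoverable(rules, lost)]

if __name__ == "__main__":
    print("current setup:", deadlocks(CURRENT))
    print("after the fix:", deadlocks(with_fix(CURRENT)))
```

Adding a rule such as a printed recovery code or a KeePass copy held by someone else is one more requirement set on the relevant asset, so the same check shows whether it breaks the cycle.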