You can only fit so much data inside the QR code, and limiting it to 10 is a safe number. Google is not open about why they do this limit, but it would seem obvious that they do it because of the character limit QR codes have. So if you have 32 accounts inside your Google Authenticator app you will have 4 QR codes, 3 will be for 1 to 30 and the 4th will be the last 2. The Google Authenticator app will only export 10 accounts at a time when you export. The Google Authenticator app or Aegis app can read this data and import your codes (10 at a time) at any time and without the need of an internet connection. What it basically means is that this string of text is OTP migration, and all your data is inside the gibberish of letters and numbers. What’s inside the export QR Code looks like this: otpauth-migration://offline?data=CkoKDZePmX7z8qHgFlH9yVcSIlRoaXNfaXNfYW5fRXhhbXBsZTplbWFpbEBlbWFpbC5jb20aD0V4YW1wbGVfV2Vic2l0ZSABKAEwAhABGAEgAA%3D%3D What’s In The Google Authenticator Export QR Code? You will find some interesting discussion on this subreddit.Here is just a short list of TOTP apps that I consider better than Google Authenticator: Family members or questionable acquaintances (or their housemates) are probably a much higher risk for you.įrame your problem in terms of creating good backups in general. Again, I can't dictate your risk profile, but this is probably not a prominent threat surface for you. You only manage risk, minimizing it within resource constraints. There are no absolutes in risk management. I know that is probably an unrealistic scenario, but optimally, I rather play it “better safe than sorry”. As long as an attacker does not have both a thumb drive and the encryption key, your backup is safe. For instance, you could give copies of the thumb drive to several friends, but have a couple family members store the encryption key, hand written on pieces of paper, in their safes. The reason this may be a win is that you only need to keep the encryption key separated from the thumb drives. This design means that the thumb drives themselves can be stored anywhere, but the encryption key itself also needs to be stored. Or you can get crazy complex and use encryption. You don't want a single failure such as a fire to destroy your backup.) You could simply have a family member keep it in their fireproof lockbox. It depends on your risk profile, which is a subjective measure of the kinds of threats you need to mitigate. Library? At my school? Ask a family member I trust Since you should refresh your backup at least yearly, the ephemeral (five to ten year life) nature of a thumb drive is not an issue.Īnother advantage of digital media is you can start thinking about an entire backup: JSON export of your vault, export of your TOTP datastore, a copy of your master password, and the recovery codes you have already identified. I have gone in a different direction and use removable media, such as a thumb drive. I have a printer, but I probably only turn it on five or six times per year. But over the last five or ten years it has really started to happen. For a while it felt like the opposite, that the storm of paper was getting worse. I haven’t bothered buying a new one, since my old printer broke down.īack in graduate school, when dinosaurs roamed the earth, teachers predicted a paperless workplace.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |