You can still accidentally leak your password via phishing or malware. 2FA is fine if you don’t tie it to a phone number, simplest way: install any authenticator app for TOTP tokens. Scan the QR code on multiple devices like phone + tablet, or old phone, for redundancy. Or save the secret key.
Google and most critical services also give you a list of 10 single use emergency codes that you should print or save in Keepass - lost the phone? Nbd just use one of the codes and reset 2FA.
I also never thought my non shared password would be public but one day I suddenly got prompted on the authenticator if I wanted to login; still no idea how or why but at least no one could get in and immediately rotated out the password.
You don’t evwn need to “scan” anything - you can copy and paste the steing they provide into, for example, KeepassXC, and then thoroughly back up its database.
You can still accidentally leak your password via phishing or malware. 2FA is fine if you don’t tie it to a phone number, simplest way: install any authenticator app for TOTP tokens. Scan the QR code on multiple devices like phone + tablet, or old phone, for redundancy. Or save the secret key.
Google and most critical services also give you a list of 10 single use emergency codes that you should print or save in Keepass - lost the phone? Nbd just use one of the codes and reset 2FA.
I also never thought my non shared password would be public but one day I suddenly got prompted on the authenticator if I wanted to login; still no idea how or why but at least no one could get in and immediately rotated out the password.
You don’t evwn need to “scan” anything - you can copy and paste the steing they provide into, for example, KeepassXC, and then thoroughly back up its database.