Is it safe to store OTP tokens on the same device? Even if app is encrypted and locked with passcode?

  • Xirup@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    In the case of Keepass, it is commonly said that it is best to have a database exclusively for your OTP.

    For example, you have your passwords in a db called “My passwords” with an exclusive encryption password, and then another db called “My OTP’s” with its own encryption password, so if someone somehow get access to one, that person still won’t have access to the other, and therefore cannot enter your account.

    • SweetMylk
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Then use the same password for both for the sake of convenience.