• Yote.zip@pawb.social
    1 year ago

    It’s mainly a difference in threat model. 2FA within a password manager is still 2FA for concerns of a website login being hacked by remote adversaries, which is the most important problem to solve.

    If you use 2FA within your password manager, you should still lock that outermost password vault with 2FA from a separate device (like you said), which solves your password vault being hacked by remote adversaries. Optionally, you can then use aggressive idle-locking of your vault on your personal devices, in case they’re stolen physically.