jollins@programming.devtoApple@lemmy.world•Michael Tsai Blog - Is It Safe to Store Passwords and 2FA Codes Together?English
1·
1 year agoThere’s a balance between convenience and security and IMO storing both on 1Password is fine. An attacker getting into your 1PW account would require them having
-
your username
-
and your password (which should be unique to only 1PW)
-
and your secret key
-
or physical device access with your 1PW password or biometric auth credentials
in which case an attacker really wants your stuff, has your device, and you have bigger issues.
I feel like this is similar to saying “is your front door lock strong enough?” when a thief is at your door and really wants to get inside, regardless of level of effort required.
I can’t speak for the weekly refresh since I have a Apple dev account (which changes the refresh to 365 days) but altStore and altServer on Ventura works just fine on my iOS 17 phone