4

Hi all,

Need to pick your brains for a bit regarding best practices for handling of account recovery issues while traveling.

Premise would be that my phone gets lost or stolen, and I may not have easy access to my laptop either, and being in a foreign country I couldn't easily get a copy of the original SIM to restore via OTP.

Consequently, I also don't really love the idea of using some password manager with a master password and no F2A.

Under those circumstances, what would you consider the best way forward to ensure accessibility without crippling myself in the process?

The only thing I can come up with is a random subdomain on one of my domains, with random username and random password, where I store an encrypted container containing txt-files. Maybe even further obscured with a random cypher (all numbers / letters shifted x positions to the right or something).

But there's gotta be other use-cases out there, so I was wondering what you are using?

Ideally something that doesn't involve another person.

Thanks!

you are viewing a single comment's thread
view the rest of the comments
[-] youngGoku@lemmy.world 1 points 11 months ago

My nextcloud instance uses fail2ban and I use a >32bit strong password.

Assuming I lose my phone and my laptop and my personal computer and my nextcloud instance I would be screwed.

Since I host my own mailserver I would be able to create a new mailserver with a new password though and recover any accounts with a new email.

this post was submitted on 17 Jan 2024
4 points (66.7% liked)

cybersecurity

3376 readers
2 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 2 years ago
MODERATORS