(blog.singleton.io)

274 points alexmolas | 1 comments | 26 Jul 24 19:20 UTC | HN request time: 0.231s | source

Show context

627467 ◴[26 Jul 24 23:33 UTC] No.41083265[source]▶

I love this, and have thought of doing the same with a dumb smartwatch but... is it good opsec to have top so visible/available? What about losing the watch or getting stolen?

replies(4): >>41083301 #>>41083310 #>>41086601 #>>41087016 #

mcsniff ◴[26 Jul 24 23:40 UTC] No.41083310[source]▶

>>41083265 #

Eh, I keep TOTP codes on my Pebble and am fine with it, they are labeled in such a way that doesn't make it obvious what services they're for.

There's basically no lock mechanism or security on a Pebble, but it's just a second factor.

If you have my randomly generated password, have done your intel to know I might have the TOTP on my wrist, and can physically steal my watch, you've got me beat and I'm okay with that for the convenience it provides.

replies(2): >>41084767 #>>41085645 #

1. justincormack ◴[27 Jul 24 10:36 UTC] No.41085645[source]▶

>>41083310 #

Early totp devices were designed to look like pocket calculators when these things were less well known. But you are supposed to reset the key if you lose the device.

↑

TOTP tokens on my wrist with the smartest dumb watch