Two factor authentication, when used properly (for example, not SMS, but rather a OTP or a push notification) is a proven and revolutionary way to protect your accounts. However, this can also be a double-edged sword if you only have one device, didn’t take a copy of the backup codes, and also did not generate a backup (for example, Authy and others let you do this). Let’s say that you’ve had to reset your phone, or even worse, you’ve lost your phone, and now you are in a situation where you need access to an account that requires two factor….
I’ve just had that very same situation - except, I backup my account, and was able to recover it. The paranoid in me does not allow multiple devices, and I’ve had a relatively pain-free reset exercise with Authy who managed the entire process end to end - I just needed to start the app on my phone as soon as they were done, and , as if by magic, the shopkeeper appeared 😀 Actually, that line is from Mr Benn, but it does go some way to describing the process…
So, in short, keeping your accounts secure is obviously a must. Keeping a backup of your 2FA codes is imperative !