If you have a hardware security passkey like Yubikey as the only way to access the account and NO recovery phone or email, ONLY just backup codes secured locally, I feel like this wouldn’t be an issue anyways. I recently had someone try to use my old but still lightly active gmail to order Chipotle. I knew they couldn’t have access to my email though because only I have the Yubikey passkeys to get in.
True, I keep one on me and show some of my fellow technical friends, yet they don’t use one either.
I just wish I’d known about it sooner. I feel like I sleep better at night knowing everything is secured like that.
If you have a hardware security passkey like Yubikey as the only way to access the account and NO recovery phone or email, ONLY just backup codes secured locally, I feel like this wouldn’t be an issue anyways. I recently had someone try to use my old but still lightly active gmail to order Chipotle. I knew they couldn’t have access to my email though because only I have the Yubikey passkeys to get in.
Be honest, how many people own a hardware key, let alone use it properly. Meaning it be the only 2FA method on your account.
True, I keep one on me and show some of my fellow technical friends, yet they don’t use one either. I just wish I’d known about it sooner. I feel like I sleep better at night knowing everything is secured like that.