Is it safe to store OTP tokens on the same device? Even if the app is encrypted and locked with a passcode?

  • @[email protected]
    71 year ago

    In the case of KeePass, it is commonly said that it is best to have a database exclusively for your OTP.

    For example, you have your passwords in a db called “My passwords” with an exclusive encryption password, and then another db called “My OTP’s” with its own encryption password, so if someone somehow gets access to one, that person still won’t have access to the other, and therefore cannot enter your account.