23
Just realized my 2FA backup codes were sitting in an unprotected Google Doc
I dug into my Google Drive last week to clean things up and found a doc titled 'backup codes' from 2021 with all my 2FA recovery keys just sitting there. I had totally forgotten I saved them there for convenience and they were accessible from any device logged into my account. Has anyone else accidentally left sensitive stuff like this exposed in cloud storage?
2 comments
Log in to join the discussion
Log In2 Comments
skyler_fox7211d ago
Found the same thing in my Dropbox once. Had a whole note titled "passwords" that I'd totally forgotten about, just there for anyone who hacked my account to grab. Now I keep those codes in an encrypted folder with a different password, feels a little safer but still not perfect.
1
samw4711d ago
Using an encrypted folder with a separate password is a smart move. I actually take it a step further and keep my important codes in a physical notebook that stays in my fire safe at home. The cloud is handy for convenience but I just don't trust it enough for the really sensitive stuff after hearing too many stories like yours. A little bit of old-fashioned paper backup has saved me more than once when things went digital.
5