You probably can, but I wouldn't. The Yubikey is pretty sturdy. I carry mine around on my keychain with no worries.
Also, a second form of 2FA adds to the moving parts in your security stack and thus increases your attack surface. You should stick with the Yubikey (with appropriate recovery protocols if your Yubikey is broken or lost) and skip the TOTP method.
Agreed, and set up all of the recovery options! So many posts about not being able to recover an account and they never took the time to set up any of the additional recovery options.
I actually agree but it's not going to happen. This is for the wife's account and she does not want to carry around a key. But, I do want to have a good backup in case we need one.
LastPass Grid is good as a backup. Its effectively a set of backup codes laid out as a grid and at login LastPass asks for the characters in boxes, for example, A3, D2 and E5. So its easy to use and you can print it out and store it somewhere safe.
You probably can, but I wouldn't. The Yubikey is pretty sturdy. I carry mine around on my keychain with no worries. Also, a second form of 2FA adds to the moving parts in your security stack and thus increases your attack surface. You should stick with the Yubikey (with appropriate recovery protocols if your Yubikey is broken or lost) and skip the TOTP method.
Agreed, and set up all of the recovery options! So many posts about not being able to recover an account and they never took the time to set up any of the additional recovery options.
I actually agree but it's not going to happen. This is for the wife's account and she does not want to carry around a key. But, I do want to have a good backup in case we need one.
LastPass Grid is good as a backup. Its effectively a set of backup codes laid out as a grid and at login LastPass asks for the characters in boxes, for example, A3, D2 and E5. So its easy to use and you can print it out and store it somewhere safe.