After reading another HN comment, I'm wondering what people have as a back-up for 2FA when going on holiday.<p>Now that it's often allowed, I usually have an old phone stashed in my check-in bag. Is that common practice? Is there something simpler I'm not thinking of?
Yubikey or equivalent.<p>You don’t necessarily need a second <i>phone</i>. You may need a second phone <i>number</i> in your home country that you can get calls and SMS anywhere. VOIP services such as Google Voice, Hushed, Skype work, but test first because some banks etc. won’t accept VOIP numbers.<p>I have travelled full-time for over 12 years. I carry one phone, an iPad, have three email accounts, two US numbers (Google Voice and Hushed), a local number wherever I stay (e-SIM), a Yubikey and backup key. Have never needed a second phone.
I should probably have clarified - I don't actually use the phone as a backup for 2FA through SMS. That would probably require porting the number if something happened to the first phone, or setting up 2 seperate SMS 2FA methods on every account (where that is even possible). Also, I hate SMS 2FA.<p>I think of the 2nd phone as basically just a little portable computer with Bitwarden, and on which I could probably use some sort of messaging app or email while I replaced the first phone.<p>Yubikey is the popular answer so far. I have thought of that in the past, but never followed through on. Less versatile (can't run apps)? Certainly more portable.
It occurs to me that a lot of the solutions here are technically involved, which isn't a surprise given where I asked. But so far I haven't seen any can't-be-bothered-thinking-about-it, obvious and simple solutions.<p>Are the majority of people who don't like doing this stuff just not using 2FA, or just risking being locked out? All the people I know in this category are doing one of these options.
If you're <i>really</i> worried, Dangerous Things has just the thing. <a href="https://dangerousthings.com/product/apex-flex/" rel="nofollow">https://dangerousthings.com/product/apex-flex/</a>
0. Yubikey that I travel with<p>1. SSH into a fixed desktop that has a Yubikey plugged in so I can receive the TOTP codes for the idiot services that only allow registering 1 Yubikey<p>2. All phone-based 2FA go to a virtual number that forwards to a place that I can access remotely from any device<p>Yeah, not ideal, but not having access to my own shit in a foreign country is a bigger risk.<p>I also keep an old phone hidden deep in my luggage, not for a 2FA backup but just to have a phone to use in case my main phone is stolen or breaks.
Carry a spare phone with no cell activation, no accounts and no data to hand over to police/CBP/whoever.<p>Some 2FA I have run into lately will email or SMS a code (WTF?)<p>My watch has cellular and will show messages. Is this a backup?