Where did you save your 2FA backup codes?

Kosign Team
Sep 2, 2022

You set up 2FA wherever possible, have a premium license for a password manager, and never reuse a password across sites. Congrats! Your cyber hygiene is in fairly good shape.

That is, of course, until you remember that when you set up your 2FA, you were also given a set of backup recovery codes, which you never bothered to save.

And rightly so! After all, how would you keep those codes secure anyway? Storing them on a post-it note glued to your screen probably isn’t the best idea, and neither is saving them in your cloud drive or your password manager’s secure notes. After all, if you lose your 2FA device and need a backup code, how would you log in to your password manager or cloud account to retrieve it in the first place?

The backup codes put us in a predicament of circular dependencies, and for this very reason, you and I, for the most part, have left them untouched.

But seriously now, what if we do lose our 2FA device and need these codes to regain access? What if we need a family or team member to access the account in an emergency?

This is exactly where social recovery paradigms, such as those enabled by Kosign.xyz, come into play, with secure encrypted vaults and distributed keys, kept safe by your quorum of key guardians. If you ever lose your 2FA, you can always call your key guardians to perform an unlock ceremony. Kosign vaults can also be downloaded and printed on paper, while remaining encrypted. This lets you securely keep an offline backup of your data, even if you keep it pinned to your fridge.

Vitalik Buterin, founder of Ethereum, has been vocal on the need for greater adoption of social recovery, as this is the ideal way for most people to store sensitive data that simply doesn’t fit the password manager model.

Check out Kosign.xyz to set up your multi-signature data vault with distributed keys and social recovery.
