RE: https://infosec.exchange/@fob/116790376409526541
I’m somewhat surprised that this is a real experience. Modern password managers, where people mostly store TOTP seeds and even passkeys, are mostly cloud-master models where the end device can safely be factory-rest and restored from the online data.
@grumpybozo I think your mental model of “most people” may be a bit skewed. Sure, all the people who know what they’re doing are using a password manager. A typical person has two, plus several TOTP apps depending which one a given site recommended, and a bunch of saved passwords in three different browsers.
