{"id":479975,"date":"2022-07-30T15:00:25","date_gmt":"2022-07-30T12:00:25","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/where-should-you-store-recovery-codes\/"},"modified":"2022-07-30T15:00:25","modified_gmt":"2022-07-30T12:00:25","slug":"where-should-you-store-recovery-codes","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/","title":{"rendered":"#Where Should You Store Recovery Codes?"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3ccc148a617\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3ccc148a617\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#%E2%80%9CWhere_Should_You_Store_Recovery_Codes%E2%80%9D\" >&#8220;Where Should You Store Recovery Codes?&#8221;<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#What_Are_Recovery_Codes_and_Why_Do_I_Need_Them\" >What Are Recovery Codes, and Why Do I Need Them?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#2FA_Is_Enabled_Where_Is_My_Recovery_Code\" >2FA Is Enabled, Where Is My Recovery Code?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#Option_1_Print_Out_Your_Recovery_Codes\" >Option 1: Print Out Your Recovery Codes<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#Option_2_Store_Recovery_Codes_in_the_Cloud\" >Option 2: Store Recovery Codes in the Cloud<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#Option_3_Keep_Recovery_Codes_on_a_USB_Flash_Drive\" >Option 3: Keep Recovery Codes on a USB Flash Drive<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#Where_You_Should_Never_Store_Recovery_Codes\" >Where You Should Never Store Recovery Codes<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#Inside_a_2FA-protected_Service_or_Account\" >Inside a 2FA-protected Service or Account<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#On_Your_Computers_Desktop\" >On Your Computer\u2019s Desktop<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#On_a_Sticky_Note_Stuck_to_Your_Monitor\" >On a Sticky Note Stuck to Your Monitor<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/buradabiliyorum.com\/en\/where-should-you-store-recovery-codes\/#Storing_Your_Recovery_Codes_Safely\" >Storing Your Recovery Codes Safely<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CWhere_Should_You_Store_Recovery_Codes%E2%80%9D\"><\/span>&#8220;Where Should You Store Recovery Codes?&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div>\n<figure style=\"width: 1200px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage size-full wp-image-815677\" data-pagespeed-no-defer=\"\" src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/06\/woman-smartphone-unlocking-pin-code.jpg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Over-the-shoulder view of a woman unlocking a smartphone by typing in a PIN, with a laptop in the background.\" width=\"1200\" height=\"675\"\/><figcaption class=\"wp-caption-text\"><span class=\"type:primaryImage imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/phone-lock-code-smartphone-protection-2fa-2015357270\">Tero Vesalainen\/Shutterstock.com<\/a><\/span><\/figcaption><\/figure>\n<p>You\u2019ve taken steps to secure your digital services by enabling Two-Factor Authentication. But what do you do with the recovery codes a service gave you to gain access if the usual authentication method is unavailable?<\/p>\n<p>You need to keep recovery codes secure, but more importantly, keep them somewhere you\u2019ll have access to when you need them.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"What_Are_Recovery_Codes_and_Why_Do_I_Need_Them\"><\/span>What Are Recovery Codes, and Why Do I Need Them?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Recovery codes are a failsafe, a way to override additional security measures placed on a digital service or account. They are randomly generated, single-use, and usually consist of at least 16 digits.<\/p>\n<p>You are often given a single code, but you might also receive several, such as when you set up Two-Factor Authentication (2FA) on a Google account. If you are given multiple codes, any one of them can be used to authenticate your login.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-815078 size-full\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/06\/google-recovery-codes.png?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"2FA recovery codes for a Google account\" width=\"650\" height=\"408\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>Two-Factor Authentication requires a second way to authenticate access, often on a separate device. If that device was lost, stolen, or inoperable, you could lose access to the account forever. Recovery codes are an authentication backup, used when the second factor in 2FA isn\u2019t available.<\/p>\n<p>In the case of a zero-knowledge service, such as cloud storage, a recovery code or key is used similarly. The recovery code or key is linked to your password digitally. If you forget your password, the recovery key proves that you are authorized to access the account. It is more important to keep this type of recovery code in a secure place as it is used in place of your password, rather than alongside it.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"2FA_Is_Enabled_Where_Is_My_Recovery_Code\"><\/span>2FA Is Enabled, Where Is My Recovery Code?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When you set up 2FA on your accounts, there is usually a clear prompt to generate and <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">download<\/a> your recovery code. If you missed it, or have downloaded a code and don\u2019t know where it is, you can usually generate a new one from within the account.<\/p>\n<p>Sign in to your account using the 2FA method you set up. The recovery code can usually be found in the security section of the account settings. You might find your existing recovery code here, or instructions for generating a new one. When you generate a new code, any previously downloaded codes will be invalid. Make sure you keep it somewhere safe!<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Option_1_Print_Out_Your_Recovery_Codes\"><\/span>Option 1: Print Out Your Recovery Codes<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>For most people, storing your recovery codes on paper is one of the most secure methods. Paper can\u2019t be hacked or accessed by someone remotely. You could lose the piece of paper, but you can easily print multiple copies, keeping one safe at home, another in your purse or wallet, etc.<\/p>\n<p>As long as you don\u2019t store the codes alongside your other log-in details, there isn\u2019t much someone could do with them even if they see the printout. It isn\u2019t a very technologically-advanced method, but sometimes the old ways are the best.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Option_2_Store_Recovery_Codes_in_the_Cloud\"><\/span>Option 2: Store Recovery Codes in the Cloud<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Another good option is to store recovery codes in your cloud storage vault, as long as it doesn\u2019t also use Two-Factor Authentication. If it does, you are only moving the problem back a step.<\/p>\n<p>Keeping your recovery codes in a cloud storage vault means you can access them anywhere, as long as you have some means of getting online. You could use the cloud storage service you already have an account with or take advantage of the free account offered by almost every cloud storage provider.<\/p>\n<p>When you download recovery codes as a text or PDF file, it is usually given a random file name. If you think you might forget what the file and the codes are for, you can name it something more memorable. Just don\u2019t call the file \u201cLastPass 2FA Recovery Codes\u201d or anything that obvious.<\/p>\n<p>As with most of the other methods we are discussing, it is best to store your recovery codes on their own\u00a0and never in the same place as the other login details. If you follow this rule, hiding the file behind a fake filename becomes less important.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Option_3_Keep_Recovery_Codes_on_a_USB_Flash_Drive\"><\/span>Option 3: Keep Recovery Codes on a USB Flash Drive<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Keeping your recovery codes on a USB flash drive has several advantages. No one can hack into it to steal the codes, it isn\u2019t reliant on an Internet connection for access, and they are easy to carry around.<\/p>\n<p>Most small USB drives have a hole or loop so they can be attached to your keyring. And as you are unlikely to leave your keys lying around in unsafe places, the USB and your recovery codes will be safe.<\/p>\n<figure style=\"width: 650px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-815678\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/06\/usb-flash-drive-plugged-in-key-ring.jpg?trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"A USB flash drive plugged into a laptop and attached to a key ring with a physical key.\" width=\"650\" height=\"456\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/key-lock-flash-drive-on-usb-1612417876\">Omurali Toichiev\/Shutterstock.com<\/a><\/span><\/figcaption><\/figure>\n<p>If you choose to use this option, it is a good idea to use a high-quality USB thumb drive. Ideally, choose one with a metal body to reduce the risk of the drive being broken or lost.<\/p>\n<p>You could also password-protect the USB drive, or even encrypt it with BitLocker or another encryption tool. But that requires you to remember yet another password.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Where_You_Should_Never_Store_Recovery_Codes\"><\/span>Where You Should Never Store Recovery Codes<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>2FA recovery codes aren\u2019t as sensitive as passwords, at least not on their own. But there are still a few places you should never keep them.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Inside_a_2FA-protected_Service_or_Account\"><\/span>Inside a 2FA-protected Service or Account<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Don\u2019t keep the recovery codes for your password manager inside your password manager. If you enable two-factor authentication on your Google account, don\u2019t store recovery codes in your Google Drive. These may seem obvious, but when you\u2019re used to using one place to store all your sensitive data, it\u2019s easy to make that kind of error.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"On_Your_Computers_Desktop\"><\/span>On Your Computer\u2019s Desktop<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Many of us rely on browser password auto-fill tools these days. If your computer is accessed by someone with bad intent, they might not even need to know your password. Your computer could enter it for them and, when combined with recovery codes, access your 2FA-protected accounts.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"On_a_Sticky_Note_Stuck_to_Your_Monitor\"><\/span>On a Sticky Note Stuck to Your Monitor<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Like the reasons above, if you have your recovery codes on a sticky note and someone manages to physically access your computer, the recovery codes are right there. Should they manage to discover the accompanying password, you\u2019ll be in trouble. But, you might be saying, storing recovery codes on paper is the first option in this guide. It is, and keeping codes on paper is fine, as long as the paper is kept somewhere private and safe, away from your device.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Storing_Your_Recovery_Codes_Safely\"><\/span>Storing Your Recovery Codes Safely<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Recovery codes for 2FA are important, and you should keep them safe, but it is more important to keep them accessible.<\/p>\n<p>Using a combination of the methods explored here will mean your recovery codes are safe and available when you need them. Choose the methods that work best for you, and take advantage of any tools already available.<\/p>\n<p>For example, if you already have cloud storage, or always carry a USB drive on your keys, keep your codes there. And then also print them out as a backup.<\/p>\n<p>Here are a few final thoughts and tips to consider when storing recovery code:<\/p>\n<ul>\n<li>Never store recovery codes with other login information for the account. This includes the username, password, or account name.<\/li>\n<li>Splitting the recovery code into two parts can improve security when stored. Someone who finds the parts of the code can\u2019t use them without recognizing that they need to be joined. And even then, they need to know in which order the parts are entered.<\/li>\n<li>For your most important 2FA-protected services, such as the password manager that holds all of your account login details, refresh or update recovery codes regularly.<\/li>\n<li>But remember, if you refresh your codes, or if you have to use a single-use recovery code, don\u2019t forget to replace the stored code with the new one.<\/li>\n<\/ul>\n<p><strong>RELATED:<\/strong> <strong><em>8 Cybersecurity Tips to Stay Protected in 2022<\/em><\/strong><\/p>\n<\/div>\n<p><script>\n setTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s) } (window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n   fbq('init', '335401813750447');\n   fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.howtogeek.com\/815064\/where-should-you-store-recovery-codes\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;Where Should You Store Recovery Codes?&#8221; Tero Vesalainen\/Shutterstock.com You\u2019ve taken steps to secure your digital services by enabling Two-Factor Authentication. But what do you do with the recovery codes a service gave you to gain access if the usual authentication method is unavailable? You need to keep recovery codes secure, but more importantly, keep them&#8230;<\/p>\n","protected":false},"author":1,"featured_media":479976,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/06\/woman-smartphone-unlocking-pin-code.jpg?height=200p&trim=2,2,2,2","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-479975","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/479975","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=479975"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/479975\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/479976"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=479975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=479975"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=479975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}