7 upvotes, 1 direct replies (showing 1)
View submission: How to keep your Reddit account safe
Google Authenticator is tied to your physical device. It's meant to be a replacement for a YubiKey or similar. The whole point is to prove that you have the actual object.
Comment by Firehed at 06/05/2019 at 20:54 UTC
3 upvotes, 1 direct replies
Worth noting that other implementations do share across devices, intentionally trading some security for convenience.
I personally find this a fair trade, but do understand the implications. I’d much prefer that 2FA (specifically TOTP) supporting sites allowed you to register multiple token devices, which would greatly reduce the need to do this.