I've got a couple of Android phones set up to remote into various systems, but I'm starting to worry about what happens if one of them fails. Specifically, I'm concerned about accounts that may not have alternatives to SMS for MFA. How are you managing this in your environments?
Also, I'm aware that TOTP-based codes through a password manager can work for some, but we still need to account for notification-based MFA like Microsoft Authenticator, Duo, and the Thomson Reuters app. These apps have compatibility issues with virtual Android setups, at least from what I've seen.
2 Answers
Using a password manager like 1Password or Keeper can be really helpful for managing MFA, as long as it meets your needs. You can store your MFA tokens there, and for apps that require it, you can scan the QR codes for easier access. Just remember, it's good to have some backup methods just in case your phones are ever out of commission.
Even if you're not working in managed services, there are ways to handle MFA. We send codes via email to a distribution list for shared accounts, which helps if the platform supports it. Keeper also allows us to store MFA tokens securely and share access among team members, making it simpler to log in without relying solely on phone-based methods.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures