So just got news via comments about retarded devs leaving twilio creds. in their apps published to the app stores, attached below is an interesting snap of the document appthority has published, wonder who is getting beat up right now for leaking corporate meetings 😶

third try, this time the image did actually work.. 😆

But you see what I mean? It's nice to know who's at fault. I hope this puts your mind at ease. But I still stand by my opinion that backing up your 2FA codes is like taking a picture of where you keep your spare keys. It defeats the purpose and 2FA becomes irrelevant should someone learn your 2FA backup password.

@FlexibleCoder63 and yet still its better than having only a password on a website so the one getting the 2fa still has to know the account login credentials fully (especially hard with random generated ones) and new devices iirc anyway have to be approved by another existing device.