So I’ll be traveling in such a way that I’ll be crossing the US border. I want to take a burner phone so I can wipe it, or have innocuous enough data. The problem: all my passwords are stored in a password manager that uses 2FA tied to my primary phone which will be sitting at home (along with other sites that use 2FA tied to authenticators on my phone).
So remembering passwords is out. And not having access to 2FA presents a catch-22. So what’s the best way to approach that?
Assuming your 2FA method is TOTP. Back up the 2FA keys to an encrypted file, with a long passphrase. Take it with you (or store it in the cloud, in this situation this is possibly safer). The when you need them just
- install a TOTP app
- import decrypted keys
- login to things. Then when you’re done logout of things and delete the TOTP app.
I like this. Australia has draconian phone search laws when entering, so I might adopt this in the future on principle.
What happens when you get in? You need to let them access everything ?
Everything, or indefinite detention without a lawyer.
Jesus Christ!
I carry a yubi key to unlock my password manager. (Probably shouldn’t have said that) If you have a form of 2fa they wouldn’t know about, that might help you
Having a Yubikey isn’t supposed to be a secret. Security through obfuscation is poor security.
It wouldn’t be much of a secret anyway, since your device would say something like, “Please present your hardware key,” when logging in. If OP had a Yubikey with them, ICE could simply search them and use it themselves.
Yubikeys are excellent against digital attacks but not physical ones, since it’s akin to carrying a lock and key together.
