This is an update on my privacy setup since my last post. Yeah, I know WhatsApp belongs to Meta and is handing over all my data to the US, Israel, Iran, China, the Vatican, and Mars, but for personal reasons, I can’t ditch it right now. How can I improve my setup?



You’re right, but if they have your password manager, they likely have your phone, and that means they have your Aegis too.
Still, my suggestion is less of a second factor unless you have 2FA on your KeePass, so not best practice.
Honestly, it doesn’t really matter if they have access to my phone, because my Aegis and KeePass are protected by passwords, and different ones at that. Anyway, I took your first comment into consideration and created a KeePass vault just for TOTP, with a different password from my password vault, of course, so if they access one of my vaults they wouldn’t have access to my passwords. I deleted my Aegis since I won’t need it anymore, but I kept a backup saved just in case.