No, because I haven't tried every service. What I do know is that key services I have notify me of every single login that is made, so I'd know anyway.
Plus, one has to examine at which point back up the chain the problem might occur or be spotted.
In this instance you've managed to access my TOTP keys, which means you've hacked and broken the encryption on the password manager or you've got malicious code running on my device. Or you have physical access to a running and unlocked machine.
In either of those cases I'm already truly fucked.
I would imagine that any scenario where I managed to get hold of your recovery keys would involve the same things, so you'd be truly fucked.
So in that sense there's no functional difference in the way I have things setup for me.
No, because I haven't tried every service. What I do know is that key services I have notify me of every single login that is made, so I'd know anyway.
Plus, one has to examine at which point back up the chain the problem might occur or be spotted.
In this instance you've managed to access my TOTP keys, which means you've hacked and broken the encryption on the password manager or you've got malicious code running on my device. Or you have physical access to a running and unlocked machine.
In either of those cases I'm already truly fucked.
I would imagine that any scenario where I managed to get hold of your recovery keys would involve the same things, so you'd be truly fucked.
So in that sense there's no functional difference in the way I have things setup for me.