Wow, two-factor authentication on websites without SMS is sure easy these days:
Why did I wait so long to do this? It's e-e-e-easy!
Ah, forgot step 5: save backup codes the site provides into your password manager. Or maybe set up more second factors.
Also, before you ask: yes, Mastodon supports 2FA: App Settings → User Preferences → Account → Account Settings → Two-factor Auth
@minoru bitwarden is amazing with this
@Sylphox Isn't it pointless to store both the passwords and the tokens in the same wallet? That can hardly be called a two-factor authentication, since there's just one factor (the wallet) that happens to produce multiple secrets.
The only attack that I can think of that this approach would stop is someone stealing the site's password, e.g. from the clipboard. All other attacks are still just as easy as without 2FA.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!