This is the fear I went back to Authy from Raivo (iirc they didn’t sync back then; besides I have never trusted iCloud sync) and Tofu. I lost access to two accounts that I would have wanted to avoid.
By the way, a few days back Twitter simply decided to stop accepting my 2FA keys. Luckily I was logged-in in another browser as well where I could disable 2FA. And no it didn’t accept backup code either.
So that’s another risk with 2FAs. What I am trying to say is — 2FA synced or not synced are problematic either way.
I am also wary of passkeys! What happens if my Apple (for example) account is disabled or I am locked out of it?
