another key takeaway for me from excavating the digital remains of a loved one who died suddenly:
usable security or bust. in my case, the iOS Password Manager saved the day because it stored their creds by default as they used their devices.
...but they found the 2FA app so confusing that they offloaded it and never saved the password to it.
SMS 2FA may be more insecure, but it confused them less and meant my access to their phone = access to 2FA. Security isn't the only thing that matters.
@shortridge now that iPhone keychain can also act as a 2FA device I bet that’ll get easier. Not easy.