A bad experience with 2FA recovery codes #11964

Open
@jaraco

I've been getting nagging emails and banners about setting up recovery codes. I had no interest in setting up recovery codes because I have my 2FA configured with redundancy, but rather than complain about it, I decided simply to generate the recovery codes to suppress the messaging.

When I did, I ran into additional issues. I generated the recovery codes and like a responsible person, I stored the codes in my password manager, a secure place I'd likely think to search if I needed them. I then closed my password manager and hit continue, only to find that I needed to burn one of the recovery codes to verify that I'd stored them safely.

So I unlocked my password manager again and cut out the last recovery code. Since it won't be usable again, I didn't want to leave it in the list of codes. I then closed my password manager, not realizing that it would clear the clipboard on close, so by the time I got back to my browser, the code was gone and was now irretrievable.

Thankfully, the workflow allowed me to regenerate the codes, so I went through the process again, this time being careful to paste the recovery code into the form before closing my password manager.

I've generated recovery codes for other services in the past, but I've never encountered this kind of experience. I've never had to use a recovery code to prove I knew how to save recovery codes. It feels a little heavy-handed.

In any case, I'm all set up with recovery codes. I'm only posting this to capture a less-than-pleasant experience.

Labels: 2FA, UX/UI (design, user experience, user interface)
