In a few weeks I’ll do a workshop about security for people who are tech illiterate, I plan to teach about password managers and 2FA.
If I show the 2FA number codes, like the 123 456 ones that I have to paste when required, can that be a possible security breach for me? or is it save since is gonna change in a few seconds anyway?
You can setup a Nextcloud instance in a docker and then enable TOTP for the logins. That way, its a separate thing from what you’re personally using, and provides a direct analog to the online services that they use. You can even create multiple accounts for your students and have them try it personally.
Here’s the docker-compose file if you’re interested.