Do 2FA Codes on the same device defeat their purpose? [duplicate]
I have my iPhone connected to my MacBook and receive SMS codes on my computer, which is very convenient. I also recently learned you can have an authentication app on your MacBook too. I just wonder if this doesn't defeat the purpose?
I also notice chrome extensions offering to serve my google authenticator codes but the etension is not from google. Wonder if that's a good idea.
What if my phone got compromised, the attacker would be able to used saved logins + the app?
What if my laptop got compromised and it also has all the verification codes?
I guess 2FA still prevents attackers in some random country from hacking with only knowing the password from a leak. For optimal security I should probably get a separate phone with just authenticathor on it, without anything else?
