Hi,
I am wondering if it is a security risk to use one Nitrokey 3 for 2FA in the following way:
- factor: FIDO2 (Passkey)
- factor: OTP
Nitrokey 3 allows to set separate passwords (PIN) for FIDO2 and OTP application. After x false tries the corresponding application will be reset.
Or is it better to use two independent devices, e.g. Nitrokey 3 for FIDO2 (1. factor) and an authenticator app to generate OTP?