Antoine Pitrou antoine@python.org:
A random piece of paper in my wallet may not have an extremely long lifetime (paper is fragile). And one piece of paper might be ok, but what if I need one for every 2FA-enabled Web site?
It's a legitimate question, so I'm taking mine out right now to check.
I use a single folded paper of like 20cm×10cm, so folded twice it take less than a standard card, and it's in a good shape as it's stored in a flat compartment of my wallet (I'm having it since like 6 months, I do not remember the "bad shape" of my previous one when I changed it).
I'm currently having 7 sevices on it, with 6 codes for each of them, there's still room for 4 services if I dont start using both sides. It's handwritten as I didn't had a printer at that time (yes, it's a PITA to write them all, I now have a printer and try with it next time).
So from my point of view it's totally OK to store them as a folded sheet of paper in a wallet, as long as you can print and cut them: I agree, handwriting them is really something I would not recommend. Also, renewing all codes (if your wallet get stolen) take a huge amount of time if you have codes for, say more than 5 sevices, it's something to consider, but does not happen often.
While I'm at it, applications like Google Authenticator does *not* display favicon or whatever, just the name of the service, it starts to be annoying up to 10 registered services (almost two screen long of OTP being generated).
Also, I consider receiving OTP over SMS a bad solution: you may not receive them in some places or some countries besides being relatively easy to intercept (by someone really wanting them, they could just buy a big wrench for $10 at this point).
-- Julien Palard https://mdk.fr