PSA: Automatically updating a password in Apple Passwords may delete your 2FA verification code
Monday, 9 December 2024
I've recently started to port all of my passwords out of 1Password and into Apple's new standalone Passwords app. It's a work in progress, and I'm using the opportunity to ensure two-factor authentication, along with strong unique passwords, is enabled wherever possible.
I recently logged into Netlify to check on a site build, but the platform didn't recognise the password saved in Passwords (most likely I had rotated the password but forgotten to save it properly back into Passwords). No problem - I just clicked 'Forgot your password?' and reset it. This time I was sure to accept the prompt to update Passwords with the new value.
So far so good - until I went to enter my 2FA verification code. Passwords no longer had a verification code configured for this account. Additionally, the notes that I had stored on this password record had also been wiped (luckily they weren't important).
I'm sure this is a bug that will get resolved - a quick search online uncovered others who had experienced this.
Luckily in this instance I had the recovery codes that are generated whenever 2FA is configured on a service, so I was able to get back into Netlify and reset my verification codes.
So here are my hot tips for using 2FA via Apple Passwords:
- Always make sure you download your recovery codes.
- Don't store them alongside the password - whilst they are secure, they are at risk of being overwritten.