So possible talaga na yung authenticator sa phone at pc ay iisa lang? halimbawa mag-withdraw ako sa coins.ph vie web tapos lowbat yung phone ko kaya ang gagamitin kong authenticator ay yung nasa pc, pwede yun?
Yes. As long as iisang database lang naman ang gamit mo.
ungkol naman sa 2fa risk if ever na may makakuha ng backup database, need pa din naman nila malaman yung username at password bago nila magamit yung 2fa, tama ba?
Need nila ung password para ma-decrypt ung database, yes. Kaya make sure na mahirap i-bruteforce ung password na gagamitin mo para i-lock ung database. Follow the usual account password requirements for better security(40 characters, with numbers and symbols, etc).