Common scenarios demonstrate this.

Using your laptop in the living room.

Walking to a café.

Visiting friends for the weekend.


Current Technical posture:

Already signed into email on the laptop and phone with the passwords saved to the browser’s built in password saver. Your passwords are synced to your phone through this browser or Google account.

Your bank 2FA codes are sent to the phone number tied to your physical SIM card in the phone.

Relatively common events:

There is a fire in the apartment and digital devices are destroyed.

Your bag, containing both devices, is stolen on the way to the café, friend’s house or while on vacation. Or your bag is drenched in rain along the way.

These scenarios result in your digital devices being unavailable or defective.

Recovery attempt:

Purchase another cellphone, but that physical SIM card from the old phone is also damaged or is not available due to theft. This means that you won’t be able to log into your bank app because many banks refuse to modernize their 2FA codes away from SMS. If you are not close your cellphone provider’s store (when traveling), you are now locked out of your banking apps.

Try to log into your Google account and gain access to email. You may remember that password or not, but either way cannot sign in, because Google will prompt for the 2FA code when logging in on the new device. Since you have no device with access to this account (or it’s 2FA), this means no password sync, no email.

You may have been using a Password Manager, like Keepass and cloud-synced over Dropbox - same scenario with Google account access. This is another lock-out scenario because Dropbox will send you an email for logging into a new device. With no access to that email account, there is no access to that Keepass File.


Simply losing your daily devices results in a total lock-out scenario of all your Digital Assets. This includes your contacts (phone numbers of your support system), email, banking and all others.

This can be a temporary inconvenience, a loss of all accounts and starting over with no history, or even a significant security risk to your person. Maybe you have another old laptop at home that is still logged into your email or maybe not.

Any convenient ‘save’, where you find an old phone or laptop that is already logged into your important accounts might seem lucky, but this would be an example of a poor security posture.

The Same common scenarios apply.

Excellent security posture (Vonvoo Method)

Already signed into email on the laptop and phone, with the password (and all others) saved to the Password Manager Bitwarden.

Your email 2FA is configured to 1) a device prompt on your current phone and 2) the Authenticator App (Authy) and 3) Backup email account Recovery Codes (saved to Bitwarden).

Bank 2FA codes are sent to your Primacy Virtual Phone Number (Google Voice or the best app for your Country or scenario).

The relatively common events from above are the same.
Recovery process:

Purchase a cheap cellphone with Emergency Cash. Create a burner/temporary Google or iOS Account to log into the phone.

Install and log into Bitwarden and as expected, it is prompting for a 2FA code. Since this is the planned Disaster Recovery Scenario, you have the Bitwarden Recovery Code printed on the back of your laminated Emergency Card in your wallet and travel belt. Log into Bitwarden in the browser and enter the Recovery Code to temporarily disable 2FA. Now log into the Bitwarden app on the phone. Now in the browser, in the Bitwarden account, re-enable 2FA and then log out.

Log into Authy, the account for the Virtual Phone Number (Google Voice) and email. Bonus, you also download the eSIM and now also have access to this phone number and data plan as well. Or if you have no eSIM, any physical SIM can be inserted into the phone, because your Critical Digital Assets, like Banking, are associated to the Google Voice phone number.


You have now completely recovered your Critical (and all) Digital Assets and can continue with the great vacation.

This is how digital security, when properly implemented, guards against Digital Asset Fragility.

Plan for the worst and have the best of times.