fun fact: 2FA QR codes contain the secret as just part of a url. you don't need to save the binary image, just figure out what the (usually base32-encoded) secret value is, and store that. google authentcator lets you type in the base32-encoded secret (useful if your phone's camera is broken). see e.g. https://garbagecollected.org/2014/09/14/how-google-authentic...