Your backup code can be used to disable two-step authentication on your account in case you lose all your devices used for the second authentication step. It is very important to keep this secure—possession of your password and backup code results in full access to your account.
We recommend the following ways of storing your backup code, in order of decreasing security:
Any of the methods above should be secure against the most common threats to your account.
Note that when using a USB flash drive, we strongly recommend that you keep one dedicated to backup codes for Stripe and other websites and only ever plugged it in to add or read a new code. This makes it more difficult for malware to read the credentials.
We do not recommend storing your backup code:
If you suspect that your backup code may be compromised, go to your two-step authentication settings and regenerate a new one as soon as possible. This will invalidate the old code.