submitted 2 years ago by loopy@lemm.ee to c/support@lemm.ee

6 comments fedilink hide all child comments

With the recent security concern with lemmy.world, someone recommended I enable 2FA. I checked the box on my web browser and a toast message instructed me to click a link below to complete the 2FA, but a link never appeared. I left my account settings and came back, and 2FA was not checked, so I assumed it just didn’t go through.

Except, I tried logging into another browser and it’s asking for my 2FA code. I cannot log in without it, and it is still showing as disabled on my account, so I don’t know how I can disable it again.

Any ideas? Can an admin disable that for an account?

you are viewing a single comment's thread
view the rest of the comments

[-] Mythril@lemm.ee 4 points 2 years ago* (last edited 2 years ago)

I heard other similar reports that 2FA in Lemmy is kinda buggy so I haven't tried to set it up myself yet.

That asides, I heard that the vulnerability would not be stopped by 2FA because it steals the "logged in" cookie, so they are "already logged in". Edit: lemm.ee is not vulnerable in any case.

[-] loopy@lemm.ee 2 points 2 years ago

I loaded lemmy on the mobile browser again later today, and it was all fine. I cleared my account cache from the one browser I was still logged in to, but I honestly have no idea what fixed it. I guess I’ll just leave it off for the moment.

Thanks for the reply

this post was submitted on 10 Jul 2023

10 points (100.0% liked)

Support (lemm.ee)

951 readers

1 users here now

lemm.ee Support

You can make a post here if you're looking for support with any issues!

For general discussion about lemm.ee, please post in !meta instead.

founded 2 years ago

MODERATORS

EllaSpiggins@lemm.ee