Yeah, I don't know why they wouldn't just generate a QR code that you can scan with your phone or give you the secret in text, like every other website does.
I use keepassXC on linux.
Copy the secret key from the url.
otpauth://totp/Lemmy.world:username?secret=xxxxxxxxxxxxxxxxxxxxxxxxx&algorithm=SHA256&issuer=Lemmy.world
Paste that here:
I tried all this, I did get keepass to provide the 2FA code, but lemmy won't accept it. I had to reset my password so I can get back in.
yes exactly the same issue i tried to decribe
My bad.
Same here. I added it to Keepass, then opened a private browser and tried to log in and it wouldn't take it. So one of 2 things:
- Most sites have you enter a code to validate that you have it right before applying the changes to your account - I did not get this in Lemmy
- They simply don't validate that you have 2FA set up correctly by asking you for a code prior to actually enabling it on your account and the log in with 2FA is broken.
I went ahead and removed 2FA so I wasn't locked out of my account if I get logged out somehow until this is fixed.
Yeah I think it's just not working correctly yet. 2FA should be removed until it's fixed. I doubt the admins can remove it. Only the lemmy devs can.
I wouldn't use 2fa until it requires a successful code check on setup, at this point you won't know whether you've successfully enabled 2fa or locked yourself out until you next try to log in.
See https://lemmy.eus/post/190738 for details.
Lemmy.world Support
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
You can also DM https://lemmy.world/u/lwreport or email [email protected] (PGP Supported) if you need to reach our directly to the admin team.