this post was submitted on 10 Jul 2023
10 points (100.0% liked)

Support (lemm.ee)

819 readers
2 users here now

lemm.ee Support

You can make a post here if you're looking for support with any issues!

For general discussion about lemm.ee, please post in !meta instead.

founded 1 year ago
MODERATORS
[email protected]
10
Locked out with 2FA (lemm.ee)
submitted 1 year ago by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 

With the recent security concern with lemmy.world, someone recommended I enable 2FA. I checked the box on my web browser and a toast message instructed me to click a link below to complete the 2FA, but a link never appeared. I left my account settings and came back, and 2FA was not checked, so I assumed it just didn’t go through.

Except, I tried logging into another browser and it’s asking for my 2FA code. I cannot log in without it, and it is still showing as disabled on my account, so I don’t know how I can disable it again.

Any ideas? Can an admin disable that for an account?

top 5 comments
sorted by: hot top controversial new old
[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

I heard other similar reports that 2FA in Lemmy is kinda buggy so I haven't tried to set it up myself yet.

That asides, I heard that the vulnerability would not be stopped by 2FA because it steals the "logged in" cookie, so they are "already logged in". Edit: lemm.ee is not vulnerable in any case.

[–] [email protected] 2 points 1 year ago

I loaded lemmy on the mobile browser again later today, and it was all fine. I cleared my account cache from the one browser I was still logged in to, but I honestly have no idea what fixed it. I guess I’ll just leave it off for the moment.

Thanks for the reply

[–] [email protected] 2 points 1 year ago (1 children)

Reset your password. That should disable the 2fa.

[–] [email protected] 1 points 1 year ago

I have the same problem on lemm.ee.. I reset PW, but it did not disable 2FA. I'm locked out, and I JUST SIGNED UP. Nothing happened when I turned on 2FA. No link, no keys, no QR code. This is frustrating.

[–] [email protected] 1 points 1 year ago

I have noticed that account settings seem to take a little to come into effect.

load more comments
view more: next ›