this post was submitted on 10 Jul 2023
2 points (66.7% liked)

Lemmy.world Support

3228 readers
22 users here now

Lemmy.world Support

Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.

This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.

This community is subject to the rules defined here for lemmy.world.

To open a support ticket Static Badge


You can also DM https://lemmy.world/u/lwreport or email [email protected] (PGP Supported) if you need to reach our directly to the admin team.


Follow us for server news ๐Ÿ˜

Outages ๐Ÿ”ฅ

https://status.lemmy.world



founded 1 year ago
MODERATORS
 

I've added the Secret key to my OTP app, but it never works. When I try to login it just spins and stops - no message what's wrong.

I panic'd when LemmyWorld logged out everyone and I couldn't get back in, but luckily with a password reset I'm back in. Still, can anyone else get 2FA working?

I just tried again, and nothing.

top 4 comments
sorted by: hot top controversial new old
[โ€“] [email protected] 2 points 1 year ago (1 children)

I use it with bitwarden and I needed to copy the whole URL into the secret field. Then it worked for me. Try again while stayed logged in on another Browser or a second device ๐ŸŒž

[โ€“] [email protected] 2 points 1 year ago

haha, I think I missed you posting this right before I found the same thing. thanks!

[โ€“] [email protected] 2 points 1 year ago (1 children)

Okay, I got it. I'm using BitWarden and I was putting in the exact secret key into the OTP field, not the full URI. After doing the full URI, it works. Hope this helps anyone else.

I didn't know I could do that until checking the BitWarden page: https://bitwarden.com/help/authenticator-keys/

[โ€“] [email protected] 3 points 1 year ago

The best practice when setting up 2fa would be for Lemmy to confirm a code before applying the change, to verify that OTP token generation is working as expected. It's mildly dangerous use 2fa on Lemmy in its current state due to the absence of that feature. Though as you note, password reset bypasses 2fa.