this post was submitted on 10 Jul 2023
10 points (100.0% liked)

Support (lemm.ee)

820 readers
1 users here now

lemm.ee Support

You can make a post here if you're looking for support with any issues!

For general discussion about lemm.ee, please post in !meta instead.

founded 1 year ago
MODERATORS
sunaurus@lemm.ee
10
Locked out with 2FA (lemm.ee)
submitted 1 year ago by loopy@lemm.ee to c/support@lemm.ee
6 comments fedilink hide all child comments
 

With the recent security concern with lemmy.world, someone recommended I enable 2FA. I checked the box on my web browser and a toast message instructed me to click a link below to complete the 2FA, but a link never appeared. I left my account settings and came back, and 2FA was not checked, so I assumed it just didn’t go through.

Except, I tried logging into another browser and it’s asking for my 2FA code. I cannot log in without it, and it is still showing as disabled on my account, so I don’t know how I can disable it again.

Any ideas? Can an admin disable that for an account?

you are viewing a single comment's thread
view the rest of the comments
[–] Mythril@lemm.ee 4 points 1 year ago* (last edited 1 year ago) (1 children)

I heard other similar reports that 2FA in Lemmy is kinda buggy so I haven't tried to set it up myself yet.

That asides, I heard that the vulnerability would not be stopped by 2FA because it steals the "logged in" cookie, so they are "already logged in". Edit: lemm.ee is not vulnerable in any case.

[–] loopy@lemm.ee 2 points 1 year ago

I loaded lemmy on the mobile browser again later today, and it was all fine. I cleared my account cache from the one browser I was still logged in to, but I honestly have no idea what fixed it. I guess I’ll just leave it off for the moment.

Thanks for the reply