this post was submitted on 11 Jul 2023
17 points (94.7% liked)
Lemmy.world Support
3227 readers
2 users here now
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
You can also DM https://lemmy.world/u/lwreport or email report@lemmy.world (PGP Supported) if you need to reach our directly to the admin team.
Follow us for server news ๐
Outages ๐ฅ
https://status.lemmy.world/
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Had the same problem: when you tick the box nothing happens. Tried a few times and nothing so I stopped trying.
Something must have happened anyway, because last time I logout it asked me my 2FA to login again.
Guess what? I have a new account now.
Pretty sure these types of issues are caused by lag on your home instance. Hosting my own small instance I had no issues enabling 2FA. Maybe try again off peak hours.
One issue I do have is that I am unable to log out without clearing browser cache.
I've been trying for about two weeks now. I'm Australian so I'm usually online when most people are off-line as well.
Same thing happened to me, but I had another tab open where I was already logged in, so I could turn it off.
Apparently clicking "Forgot password" bypasses the 2FA.
Overall the implementation is awful. No backup codes either.
100% agree with you. I got 2FA working on lemmy.world but I had issues. I enabled 2FA on the website and nothing happen. Then I refreshed the page and then got the instructions on the bottom. I immediately clicked it and followed it. I had tried about 5 times in the past almost locking myself out one time.
I also can't believe there is no backup code either.
It almost feels kind of pointless in some ways, considering you can bypass it by clicking "forgot password" I'm glad it's there in the sense that it is broken, and it seems like a few people have needed it when trying to enable 2FA - however, if your email account is compromised and they can see you have a lemmy account, then it would be easy for them to hijack your lemmy account by clicking forget password.
Really hope they fix it soon.