Posted in the account requests (I just approved it):
HELP: I enabled two-factor authentication on my other account, sneak, and when I logged out, the TOTP doesn’t work. The site didn’t give me seed words to log back in case this failed, and now I’m locked out of my account. Can you assist?
https://github.com/LemmyNet/lemmy/issues/3325 holy fuck that’s bad, lemmy generates TOTP links that don’t work with most authenticators and doesn’t verify with an initial 2fa code before enabling it
@sneak2@awful.systems, you may be able to unlock your original account if you do the “forgot my password” flow, which apparently lets you disable 2fa (which also feels pretty insecure). that’ll require your account to have an email associated with it though. otherwise as soon as I’m at my computer I’ll run the query in that github issue to disable 2fa on your account and ping you when it’s fixed.
hoo boy let me look into this. I’m not too surprised 2fa is broken, but I may need to pop open the database to disable it since lemmy’s admin UI is pretty threadbare
Posted in the account requests (I just approved it):
https://github.com/LemmyNet/lemmy/issues/3325 holy fuck that’s bad, lemmy generates TOTP links that don’t work with most authenticators and doesn’t verify with an initial 2fa code before enabling it
@sneak2@awful.systems, you may be able to unlock your original account if you do the “forgot my password” flow, which apparently lets you disable 2fa (which also feels pretty insecure). that’ll require your account to have an email associated with it though. otherwise as soon as I’m at my computer I’ll run the query in that github issue to disable 2fa on your account and ping you when it’s fixed.
I disabled 2fa for their account and left a message with the email they used for @sneak2@awful.systems
hoo boy let me look into this. I’m not too surprised 2fa is broken, but I may need to pop open the database to disable it since lemmy’s admin UI is pretty threadbare