https://github.com/LemmyNet/lemmy/issues/3325 holy fuck that’s bad, lemmy generates TOTP links that don’t work with most authenticators and doesn’t verify with an initial 2fa code before enabling it
@sneak2@awful.systems, you may be able to unlock your original account if you do the “forgot my password” flow, which apparently lets you disable 2fa (which also feels pretty insecure). that’ll require your account to have an email associated with it though. otherwise as soon as I’m at my computer I’ll run the query in that github issue to disable 2fa on your account and ping you when it’s fixed.
https://github.com/LemmyNet/lemmy/issues/3325 holy fuck that’s bad, lemmy generates TOTP links that don’t work with most authenticators and doesn’t verify with an initial 2fa code before enabling it
@sneak2@awful.systems, you may be able to unlock your original account if you do the “forgot my password” flow, which apparently lets you disable 2fa (which also feels pretty insecure). that’ll require your account to have an email associated with it though. otherwise as soon as I’m at my computer I’ll run the query in that github issue to disable 2fa on your account and ping you when it’s fixed.
I disabled 2fa for their account and left a message with the email they used for @sneak2@awful.systems