this post was submitted on 02 Jul 2023
20 points (100.0% liked)
Beehaw Support
2797 readers
3 users here now
Support and meta community for Beehaw. Ask your questions about the community, technical issues, and other such things here.
A brief FAQ for lurkers and new users can be found here.
Our September 2024 financial update is here.
For a refresher on our philosophy, see also What is Beehaw?, The spirit of the rules, and Beehaw is a Community
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Not a bug, more of a PSA.
When you setup 2FA, there is no mandatory verification step in Lemmy 0.18 for now. That means you can log out without setting up 2FA in your app or software correctly. Be careful or you might lock yourself out of your account permanently.
Stuff like that is why I avoid 2FA wherever possible. It doesn't significantly improve my security because I always use unique random passwords, and it does create the risk I'll be locked out of my account.
Having worked on programming auth stuff before, that is absolutely a bug. It may stem from a mistake in planning rather than one in implementation, but that is unambiguously the wrong behavior.