this post was submitted on 25 Jun 2023
5 points (100.0% liked)

Meta

2 readers
1 users here now

About

๐Ÿ—ž๏ธ FOSSware staff will post regular updates about this instance or other Fediverse topics in this community.


Rules

๐Ÿงพ General Instance Rules apply

Look at the side bar of the main feed.

๐Ÿ‘ฎ Only Staff Members can create Threads here

If you need help or want to ask a question, use /c/fossware_support. Thanks! ๐Ÿ˜ป


๐Ÿ”— Other Resources

founded 1 year ago
MODERATORS
 

Hello, guys!

As mentioned in the server maintenance post, 2FA is now available with Lemmy 0.18.0. However, the implementation seems to be borked.

Issues right now
  • Instead of a QR code as usual, users will be presented with a button that opens a link
  • There's no check whether or not the generated tokens work, 2FA is just being enabled without prior safety-check
  • This might be too complicated for non-tech-savvy users, and they're effectively locking themselves out of their accounts
  • After copying the generated secret to Bitwarden, the generated TOTP tokens don't seem to work anyway (didn't try with Aegis, etc.)

You can track the GitHub issue here.

Temporary Solution

Even though I'm not happy about it, I'll force-disable 2FA for now. If you enable it, it's gonna jump back to disabled after a short amount of time.

Gonna update you guys when this is fixed. Thank you!

you are viewing a single comment's thread
view the rest of the comments

Excatly. I hope it's gonna be fixed soon, because 2FA is pretty necessary nowadays.