this post was submitted on 27 Nov 2024
5 points (69.2% liked)
Lemmy.world Support
3248 readers
2 users here now
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
You can also DM https://lemmy.world/u/lwreport or email report@lemmy.world (PGP Supported) if you need to reach our directly to the admin team.
Follow us for server news ๐
Outages ๐ฅ
https://status.lemmy.world/
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Do you know if this is under the 2FA layer?
Just a heads up, I just encountered a bug with their 2FA. I logged in, got prompted for the code, pasted it in but accidentally hit Cancel instead of Submit. It took me back to the login page, then just logged me in. I've been able to repeat the process even with expired codes, but not with codes I make up on the fly.
I'm deeply grateful for the consideration. This is all programmed in Rust, is it not?
I believe so, yeah
have no clue what that is. I am using firefox on an hp laptop and when I click my bookmark it usually auto logs me in to my account.
2FA is two factor authentication, it requires your password plus a generated code from an authentication app that changes every 60 seconds.
Mine is just in my bookmarks I click it and since it saves the password it auto logs me in.
I'm totally guilty of this myself for my work stuff (Edit: I WFH and everything still has either 2FA or MFA enabled), but saving passwords in your browser is risky. Browsers can be tricked into, for example, populating your credentials into hidden fields, thus exposing your creds to whoever's on the other end wanting that data.
I'm certainly not going to stop doing it myself, so I'm just recommending that all your passwords at least be unique for each account. I use a password manager to store them all, that way I only need to remember one master password for all my accounts.