Make sure you are logged in to multiple browsers before enabling 2 factor
We've had several people reach out to us who have accidentally locked themselves out of their account whilst trying to setup 2 factor authentication.
Whilst it is possible for us to disable 2fa for an account directly from the database, for privacy and security reasons, we won't do this at the request of an external/second account.
However, all is not lost! Enabling 2fa will not log you out of existing sessions, so if you make sure you are logged in to a second browser before enabling 2fa, you will be able to disable it again if you run in to any issues.
katy ✨ - 2.4yr
I was surprised they didn't have backup codes or anything when I set it up so I got nervous hopefully they'll get added soon too.
30
Sage - 2.4yr
This was me 😑
20
Ada - 2.4yr
At least you had access to an app and could message us from your account.
13
Sage - 2.4yr
Very true and also thank you!
9
Norah (pup/it/she) - 2.4yr
Hopefully they add recovery keys to the 2FA setup sometime soon.
17
Still @programming.dev - 2.4yr
oh yeah there's no confirmation for setting up 2fa right now, so make sure you got codes going before logging out
8
load_nikon @lemmy.world - 2.4yr
That is bonkers!
2
Lt. Ouroumov - 2.4yr
The 2FA is so secure even the user can't access their account. 😛
5
Nobel Art - 2.4yr
I feel bad for you on this one, clearly some 2FA is better than no 2FA, but the implementation of this from the Lemmy devs leaves a lot to be desired. Ah well, they are clearly trying, and I am sure it will get better
3
load_nikon @lemmy.world - 2.4yr
I'm getting prompted for 2fa and I never set it up! The 2fa apps I use would have this site added to their list if I had. @Ada, any suggestions?
3
Ada - 2.4yr
Someone else said that you can do a password reset to login without 2fa. I haven't tested it, but it's worth trying
3
load_nikon @lemmy.world - 2.4yr
Yeah, that didn't work for me. Do you have any recommendations, as the administrator of this instance, on how a user can remediate a 2fa implementation that is failing so wildly that it requires this thread to exist? Do you have a "whoops, do over" button?
1
Ada - 2.4yr
The brutal truth is that Lemmy as a platform isn't mature and probably wasn't ready for the scale of growth.
I'm trying to put out fires for an app I didn't develop and have no input in to. I wish there was an oops button!
What I'll get you to do is DM me the email address of the account that's locked. I'll confirm the email address and then send you an email at that address
ada in main
Make sure you are logged in to multiple browsers before enabling 2 factor
We've had several people reach out to us who have accidentally locked themselves out of their account whilst trying to setup 2 factor authentication.
Whilst it is possible for us to disable 2fa for an account directly from the database, for privacy and security reasons, we won't do this at the request of an external/second account.
However, all is not lost! Enabling 2fa will not log you out of existing sessions, so if you make sure you are logged in to a second browser before enabling 2fa, you will be able to disable it again if you run in to any issues.
I was surprised they didn't have backup codes or anything when I set it up so I got nervous hopefully they'll get added soon too.
This was me 😑
At least you had access to an app and could message us from your account.
Very true and also thank you!
Hopefully they add recovery keys to the 2FA setup sometime soon.
oh yeah there's no confirmation for setting up 2fa right now, so make sure you got codes going before logging out
That is bonkers!
The 2FA is so secure even the user can't access their account. 😛
I feel bad for you on this one, clearly some 2FA is better than no 2FA, but the implementation of this from the Lemmy devs leaves a lot to be desired. Ah well, they are clearly trying, and I am sure it will get better
I'm getting prompted for 2fa and I never set it up! The 2fa apps I use would have this site added to their list if I had. @Ada, any suggestions?
Someone else said that you can do a password reset to login without 2fa. I haven't tested it, but it's worth trying
Yeah, that didn't work for me. Do you have any recommendations, as the administrator of this instance, on how a user can remediate a 2fa implementation that is failing so wildly that it requires this thread to exist? Do you have a "whoops, do over" button?
The brutal truth is that Lemmy as a platform isn't mature and probably wasn't ready for the scale of growth.
I'm trying to put out fires for an app I didn't develop and have no input in to. I wish there was an oops button!
What I'll get you to do is DM me the email address of the account that's locked. I'll confirm the email address and then send you an email at that address