this post was submitted on 09 Aug 2024
3 points (66.7% liked)

Security Operations

573 readers
1 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 2 years ago
MODERATORS
L3s
3
How can 2FA be disabled without permission and what can I do about it? (self.secops)
submitted 5 months ago* (last edited 5 months ago) by lightscription to c/secops
3 comments fedilink hide all child comments
 

I use FreeOTP+ which is supposed to be developed by people from the Fedora project and is protected by fingerprint on Pixel. I discovered that my 2FA was disabled on lemmy.world after I logged out and then logged back in a day later instead of just keeping the auth cookie active in Vanadium. Since 2FA is required to change settings, how was this accomplished and what can I do to ensure that it doesn't happen again?

you are viewing a single comment's thread
view the rest of the comments
[–] partial_accumen 4 points 5 months ago

That is very humble honesty and will continue to earn you trust from your users.