Security Operations

570 readers

1 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 1 year ago

MODERATORS

L3s

How can 2FA be disabled without permission and what can I do about it? (self.secops)

submitted 3 months ago* (last edited 3 months ago) by lightscription to c/secops

3 comments fedilink hide all child comments

I use FreeOTP+ which is supposed to be developed by people from the Fedora project and is protected by fingerprint on Pixel. I discovered that my 2FA was disabled on lemmy.world after I logged out and then logged back in a day later instead of just keeping the auth cookie active in Vanadium. Since 2FA is required to change settings, how was this accomplished and what can I do to ensure that it doesn't happen again?

you are viewing a single comment's thread
view the rest of the comments

[–] MrKaplan 2 points 3 months ago* (last edited 3 months ago)

2FA has been restored for all LW users that had it enabled before and didn't reactivate it on their own since.

There will be an announcement posted later on explaining what happened.

edit: announcement is out: https://lemmy.world/post/18503967