this post was submitted on 03 Jul 2023
6 points (100.0% liked)

Lemmy.world Support

3251 readers
54 users here now

Lemmy.world Support

Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.

This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.

This community is subject to the rules defined here for lemmy.world.

To open a support ticket Static Badge


You can also DM https://lemmy.world/u/lwreport or email [email protected] (PGP Supported) if you need to reach our directly to the admin team.


Follow us for server news ๐Ÿ˜

Outages ๐Ÿ”ฅ

https://status.lemmy.world



founded 2 years ago
MODERATORS
 

Hi, I want to add 2FA to my account but activating it won't trigger my keepass app, I can see the setup code on URL which I can use it with keepass to generate tokens but website expects me to follow link so please add a manual activation for 2FA

top 7 comments
sorted by: hot top controversial new old
[โ€“] marswarrior 1 points 2 years ago* (last edited 2 years ago) (2 children)

I use keepassXC on linux.

Copy the secret key from the url.
otpauth://totp/Lemmy.world:username?secret=xxxxxxxxxxxxxxxxxxxxxxxxx&algorithm=SHA256&issuer=Lemmy.world

Paste that here:

I tried all this, I did get keepass to provide the 2FA code, but lemmy won't accept it. I had to reset my password so I can get back in.

[โ€“] ggnoredo 1 points 2 years ago (1 children)

yes exactly the same issue i tried to decribe

[โ€“] marswarrior 1 points 2 years ago
[โ€“] eekrano 1 points 2 years ago (1 children)

Same here. I added it to Keepass, then opened a private browser and tried to log in and it wouldn't take it. So one of 2 things:

  1. Most sites have you enter a code to validate that you have it right before applying the changes to your account - I did not get this in Lemmy
  2. They simply don't validate that you have 2FA set up correctly by asking you for a code prior to actually enabling it on your account and the log in with 2FA is broken.

I went ahead and removed 2FA so I wasn't locked out of my account if I get logged out somehow until this is fixed.

[โ€“] marswarrior 1 points 2 years ago

Yeah I think it's just not working correctly yet. 2FA should be removed until it's fixed. I doubt the admins can remove it. Only the lemmy devs can.

[โ€“] Archerofyail 1 points 2 years ago

Yeah, I don't know why they wouldn't just generate a QR code that you can scan with your phone or give you the secret in text, like every other website does.

[โ€“] PriorProject 1 points 2 years ago* (last edited 2 years ago)

I wouldn't use 2fa until it requires a successful code check on setup, at this point you won't know whether you've successfully enabled 2fa or locked yourself out until you next try to log in.

See https://lemmy.eus/post/190738 for details.