I had an issue logging into Twitch last night for the first time in a while. I just didn’t get any 2FA messages delivered to me, until about 12 hours later when I was asleep and they were probably long invalidated. and now suddenly I can’t log in to my MVD either. Apparently there’s some sort of SMS short+long code outage (according to the twilio status page in North America, which is mildly infuriating when this is already shown to be a pretty sketchy 2FA mechanism, at least theoretically.
Just curious if anybody else has noticed issues or if that’s just me. And also, I really hate SMS 2FA.
When this gets sorted, why not switch to totp or authenticator app as its called sometimes
Oh I definitely use that everywhere I can. I have a few yubikey and use AndOTP everywhere I can. But a few places refuse to do anything but sms.
Twitch has TOTP. I’m using it.
Good to know. I’ll set that up once I can actually log in. I haven’t messed with my account in years but I definitely would have used something else if it’d been available when I set up.
Oh that’s good to hear. Dang was under the impression twitch allowed totp but guess I was wrong. I personally don’t use it so that was kinda surprising
deleted by creator
The new lemmy update automatically disabled 2fa for everyone. The old system didn’t require you to enter the generated 2fa code on setup so lots of ppl locked themselves out.
deleted by creator
How’d you manage that one? The new system requires you to enter a valid 2fa code from your TOTP app before its activated.
Unless this was an instance that hadn’t applied the update yet, in which case 2fa will disabled once the update applies.
deleted by creator
Instance Admins can remove it from an account. Given your instance they may not do so though.
Yeah not a fan of how Lemmy implemented it. Couldn’t even manually input the seed so I had to rely on keepassdx. I’m assuming you already checked that the time is correct and you didn’t modify the entry, so I’m sorry to hear that
Was stuck with the qr code. Screenshot + qr reader to copy the link. Dropped that into my totp manager and all has been good.
A simple copy+paste would have been nice, but whatever. It works.
(had 2fa on before without issue either)
SMS is dogshit mfa, this is known
I hate SMS as a whole. It needs to be replaced with something modern.