this post was submitted on 09 Aug 2024
-6 points (36.4% liked)

Ask Lemmy

26903 readers
2032 users here now

A Fediverse community for open-ended, thought provoking questions

Please don't post about US Politics. If you need to do this, try [email protected]


Rules: (interactive)


1) Be nice and; have funDoxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them


2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?


3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.


4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either [email protected] or [email protected]. NSFW comments should be restricted to posts tagged [NSFW].


5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email [email protected]. For other questions check our partnered communities list, or use the search function.


Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija


Logo design credit goes to: tubbadu


founded 1 year ago
MODERATORS
 

How could 2FA be disabled if you need 2FA in order to login to disable it and my free OTP+ is biometric protected?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 3 months ago (1 children)

ITT OP learns that 2FA is just a token stored on a server, and that server is in control by other people

[–] [email protected] 1 points 3 months ago (1 children)

This is what I thought. I keep telling people they don't exclusively own their passwords / security tokens once they give it to a site. Salted hashes to obscure the pw don't even matter since the admin could also bypass that. Tanks for the validation.

[–] [email protected] 3 points 3 months ago (1 children)

And you better pray the website owner (websites in general, not Lemmy specifically) at least hashes your password.

[–] [email protected] 2 points 3 months ago

yes, the more layers of security, the better, even if it is just a futile matter of time to consume the time of an ATP.