I use it with bitwarden and I needed to copy the whole URL into the secret field. Then it worked for me. Try again while stayed logged in on another Browser or a second device ๐
this post was submitted on 10 Jul 2023
2 points (66.7% liked)
Lemmy.world Support
3210 readers
2 users here now
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
To open a support ticket
You can also DM https://lemmy.world/u/lwreport or email [email protected] (PGP Supported) if you need to reach our directly to the admin team.
Follow us for server news ๐
Outages ๐ฅ
https://status.lemmy.world
founded 1 year ago
MODERATORS
haha, I think I missed you posting this right before I found the same thing. thanks!
Okay, I got it. I'm using BitWarden and I was putting in the exact secret key into the OTP field, not the full URI. After doing the full URI, it works. Hope this helps anyone else.
I didn't know I could do that until checking the BitWarden page: https://bitwarden.com/help/authenticator-keys/
The best practice when setting up 2fa would be for Lemmy to confirm a code before applying the change, to verify that OTP token generation is working as expected. It's mildly dangerous use 2fa on Lemmy in its current state due to the absence of that feature. Though as you note, password reset bypasses 2fa.