• kamek@lemmy.fmhy.ml
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    I wouldn’t enable 2fa yet either there are some bugs, and the code it generated for me didn’t work and locked me out of my account for a good bit. I’m not sure why but the 2fa link didn’t work for me so I copied the secret out of the url and put it in my authenticator but it never worked. Just fyi.

    • enoent@lemmy.ilwwbs.com
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Lemmy uses a SHA256 digest for its TOTP codes.

      Basically every other service (and therefore most authenticator apps) use SHA1.

      So although you provide the right secret, you get a different code because it’s derived from a different hashing mechanism

      • kamek@lemmy.fmhy.ml
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Ooooh ok cool. Sadly I’m using MS Authenticator so I can’t specify the type. I really don’t want to migrate to another one so hopefully this gets fixed I know there is a ticket open on github.