I had an issue logging into Twitch last night for the first time in a while. I just didn’t get any 2FA messages delivered to me, until about 12 hours later when I was asleep and they were probably long invalidated. and now suddenly I can’t log in to my MVD either. Apparently there’s some sort of SMS short+long code outage (according to the twilio status page in North America, which is mildly infuriating when this is already shown to be a pretty sketchy 2FA mechanism, at least theoretically.

Just curious if anybody else has noticed issues or if that’s just me. And also, I really hate SMS 2FA.

  • Extras@lemmy.today
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    11 months ago

    When this gets sorted, why not switch to totp or authenticator app as its called sometimes

    • andrew@lemmy.stuart.funOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      11 months ago

      Oh I definitely use that everywhere I can. I have a few yubikey and use AndOTP everywhere I can. But a few places refuse to do anything but sms.

        • andrew@lemmy.stuart.funOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          Good to know. I’ll set that up once I can actually log in. I haven’t messed with my account in years but I definitely would have used something else if it’d been available when I set up.

      • Extras@lemmy.today
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        Oh that’s good to hear. Dang was under the impression twitch allowed totp but guess I was wrong. I personally don’t use it so that was kinda surprising

      • Darkassassin07@lemmy.ca
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        The new lemmy update automatically disabled 2fa for everyone. The old system didn’t require you to enter the generated 2fa code on setup so lots of ppl locked themselves out.

      • NaN@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        Instance Admins can remove it from an account. Given your instance they may not do so though.

      • Extras@lemmy.today
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        Yeah not a fan of how Lemmy implemented it. Couldn’t even manually input the seed so I had to rely on keepassdx. I’m assuming you already checked that the time is correct and you didn’t modify the entry, so I’m sorry to hear that

        • Darkassassin07@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          11 months ago

          Was stuck with the qr code. Screenshot + qr reader to copy the link. Dropped that into my totp manager and all has been good.

          A simple copy+paste would have been nice, but whatever. It works.

          (had 2fa on before without issue either)