fsebugoutzone.org:9999

       Post AV36hWkCl5Qc3seXTs by Luther@hackers.town
 (DIR) More posts by Luther@hackers.town
 (DIR) Post #AV35V5pGukKT9AWv9k by vertigo@hackers.town
       2023-04-26T14:33:25Z
       
       1 likes, 2 repeats
       
       So, someone posted a toot indicating one should avoid 2FA on Google&#39;s authenticator app at all costs, because it appears to transfer sensitive data in the clear.Well, I discovered today that if you bypass the initial screen asking you to configure 2FA, all of your Authenticator accounts are irretrievably lost.Kaput.  Gone.I fucking hate this world so much.  I want to throw literal bricks right now.  I&#39;m so fucking done with this shit.
       
 (DIR) Post #AV35V6U2TAwHBbbThQ by murph@hackers.town
       2023-04-26T14:53:40Z
       
       1 likes, 0 repeats
       
       @vertigo Wow, that&#39;s the worst failure mode imaginable.
       
 (DIR) Post #AV35pAcum7CZpNK8FE by xerz@fedi.xerz.one
       2023-04-26T16:07:10.833970Z
       
       0 likes, 0 repeats
       
       @vertigo I have multiple backups of my TOTP keys exactly to avoid this scenario… I wish I could help you after that, I would suggest contacting support for each account whenever possible but :blobcatheart:
       
 (DIR) Post #AV36Wbp5XG4acyjNbM by vertigo@hackers.town
       2023-04-26T16:12:45Z
       
       1 likes, 0 repeats
       
       @xerz It&#39;s not that I lost access to my accounts.  I have backups auth codes.I&#39;m pissed that I lost my GA records in the first place.  There was zero reason for this to happen.Literal hostage situation.  &quot;Enable 2FA or we&#39;ll nuke your GA settings.&quot;  Fuck you, GOOG, I don&#39;t do hostage negotiations.
       
 (DIR) Post #AV36cotJrRDYtafh9E by xerz@fedi.xerz.one
       2023-04-26T16:16:08.075633Z
       
       0 likes, 0 repeats
       
       @vertigo ah, glad to hear you were prepared for it, it sounded like you had lost your accounts :blobcatnotlikethis:
       
 (DIR) Post #AV36hVab3K9GTn9Lrk by mrlparker@mastodon.gamedev.place
       2023-04-26T15:50:44Z
       
       0 likes, 0 repeats
       
       @vertigo Isn&#39;t that why you store the recovery codes somewhere that probably isn&#39;t online and that you have access to?So if that happens you can still signin using the recovery code and update/change your 2FA and potentially.I&#39;d be interested to hear what kind of sensitive data? Because it sounds more like someone could get the details used to setup the 2FA and then use that to set it up themselves.
       
 (DIR) Post #AV36hW7Z4kWI82ZgFk by vertigo@hackers.town
       2023-04-26T16:03:59Z
       
       0 likes, 0 repeats
       
       @mrlparker Isn&#39;t that why you store the recovery codes somewhere that probably isn&#39;t online and that you have access to?Sure.  But, that only grants me access to the resource I&#39;m connecting to.  What I&#39;m moaning about is the authenticator app itself losing my account data in the first place.There was zero reason to delete my data except for pure, unadulterated malice.
       
 (DIR) Post #AV36hWkCl5Qc3seXTs by Luther@hackers.town
       2023-04-26T16:12:20Z
       
       0 likes, 0 repeats
       
       @vertigo @mrlparker Honestly, this is one reason I have a hard time getting on the Authenticator App bandwagon in the 2FA conversation. That app is just a big black box of problems waiting to inflict themselves on me. That said, I think Hanlon&#39;s Razor is apt in this situation too, &quot;Do not ascribe to malice that which can be sufficiently explained by ignorance or apathy.&quot;
       
 (DIR) Post #AV36hXZxeepQeOrs9Y by vertigo@hackers.town
       2023-04-26T16:15:21Z
       
       1 likes, 0 repeats
       
       @Luther @mrlparker A real nice and politically correct way of calling me inept.  I&#39;ll need to remember that for future reference.  To put things into perspective, I&#39;ve been using GA for years.  This isn&#39;t a case of either ignorance or apathy.