You are viewing a single thread.
View all comments 
5 points
I wouldn’t enable 2fa yet either there are some bugs, and the code it generated for me didn’t work and locked me out of my account for a good bit. I’m not sure why but the 2fa link didn’t work for me so I copied the secret out of the url and put it in my authenticator but it never worked. Just fyi.
1 point
Lemmy uses a SHA256 digest for its TOTP codes.
Basically every other service (and therefore most authenticator apps) use SHA1.
So although you provide the right secret, you get a different code because it’s derived from a different hashing mechanism
2 points
1 point
