Can’t seem to find the setting in the Jerboa app. Do I have to use the web version or something?
In the web interface there is a setting for 2FA but I couldn’t get it to work. For some reason there is no QR code to scan but a link of some kind that does nothing.
It’s a otpauth:// protocol handler link, which should load fine on mobile if you have an app that supports it.
I do agree that displaying a QR code while on desktop would be more practical. As a workaround, you could use this addon on Firefox to display the otpauth:// link in a QR code format and scan that.
⚠ Be careful about not showing this code to anyone else, it contains the secret to the 2FA.
Wow, thank you so much! With this extension I got it done via the QR code the extension created. :)
I just checked, seems like it hasn’t been fully implemented yet, something to look forward to in the future I guess.
I’m using Brave and Firefox on a Mac, both want to open the “System Settings” app - this works, OSX will open the Settings and propose to add the otp directory to an entry in your password manager. For 1password, I copied the entire link (including the otpauth://) and pasted it in the additional field of “one time password” - I verified both with logoutlogin and no problems. It does not work with authy, but for that you could follow @m-p-3@kbin.social 's addon link and scan the QR with the phone app.
I got it to work with 1Password, but it seems unfinished and very risky.
To get it to work, I copied the link that the “2FA installation link” button points at, and pasted that into a new 2-factor field in 1password. It presumably was able to extract the secret and start generating the codes. I’ve tested it and it works.
However, it’s risky because Lemmy doesn’t verify you have the correct codes before enabling 2FA. It just assumes you’ll be able to use the cryptic link for something. So if you log out before you’ve set it up, and you mess up the set up, you might not be able to get back in. There are no backup codes as far as I can tell.
So if you do attempt it, I would recommend keeping a device logged in so you can disable it if it goes wrong.
It is generally present in the website interface I’ve noticed.
It’s in the web interface, under “Settings”, towards the bottom.
I had to toggle the checkbox, click save, and then reload the settings page. There was an additional button below the activated checkbox afterwards labelled “2FA installation link”, which was confusing at first. However, you can right-click the button and the URL will allow you to enter it into your authenticator, which I assume is the same information a QR code would hold.
Additional caveat I noticed: You should add it to the authenticator ASAP, after toggling the checkbox. Because Lemmy does not seem to require confirmation of the 2FA, you would be locked out of your account, if you logged out without adding this link beforehand.
I don’t know about Jebora, but on wefwef.app the 2FA worked after activating on the Lemmy web-view this way.
I use bitwarden, so I don’t know about the Aegis authenticator - not familiar with it.
If it has the functionality to add otpauth:// links instead of QR codes, I see no reason why it should not work.
