I had an issue logging into Twitch last night for the first time in a while. I just didn’t get any 2FA messages delivered to me, until about 12 hours later when I was asleep and they were probably long invalidated. and now suddenly I can’t log in to my MVD either. Apparently there’s some sort of SMS short+long code outage (according to the twilio status page in North America, which is mildly infuriating when this is already shown to be a pretty sketchy 2FA mechanism, at least theoretically.

Just curious if anybody else has noticed issues or if that’s just me. And also, I really hate SMS 2FA.

  • Extras@lemmy.today
    link
    fedilink
    arrow-up
    11
    ·
    edit-2
    11 months ago

    When this gets sorted, why not switch to totp or authenticator app as its called sometimes

    • andrew@lemmy.stuart.funOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      11 months ago

      Oh I definitely use that everywhere I can. I have a few yubikey and use AndOTP everywhere I can. But a few places refuse to do anything but sms.

        • andrew@lemmy.stuart.funOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          Good to know. I’ll set that up once I can actually log in. I haven’t messed with my account in years but I definitely would have used something else if it’d been available when I set up.

      • Extras@lemmy.today
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        Oh that’s good to hear. Dang was under the impression twitch allowed totp but guess I was wrong. I personally don’t use it so that was kinda surprising

      • Bitrot@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        Instance Admins can remove it from an account. Given your instance they may not do so though.

      • Darkassassin07@lemmy.ca
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        The new lemmy update automatically disabled 2fa for everyone. The old system didn’t require you to enter the generated 2fa code on setup so lots of ppl locked themselves out.

      • Extras@lemmy.today
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        Yeah not a fan of how Lemmy implemented it. Couldn’t even manually input the seed so I had to rely on keepassdx. I’m assuming you already checked that the time is correct and you didn’t modify the entry, so I’m sorry to hear that

        • Darkassassin07@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          11 months ago

          Was stuck with the qr code. Screenshot + qr reader to copy the link. Dropped that into my totp manager and all has been good.

          A simple copy+paste would have been nice, but whatever. It works.

          (had 2fa on before without issue either)

  • davelA
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    Why are you asking about Twitch’s 2FA in Asklemmy, and not even mentioning Twitch in your post title? Now I’ve wasted my time clicking on your post about what I assumed was a Lemmy 2FA question.

  • KindnessInfinity
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    11 months ago

    I hate SMS as a whole. It needs to be replaced with something modern.