Emily! :Blobhaj_Witch_Broom: on Nostr: i’m always weirded out by sites reminding me to “download my recovery codes” ...
i’m always weirded out by sites reminding me to “download my recovery codes”
what the fuck github. those are supposed to be secret and never revealed after the first 2fa setup.
giving out 2fa codes to anyone with a valid cookie is just… uh. it feels wrong
Published at
2024-12-11 03:00:15Event JSON
{
"id": "bfbf3131c0e65195c946d2102fffdff812ee4a43d7891b3efb380137add43beb",
"pubkey": "9a21f9871d661e5c97f1ab72fd3cf71eb56584674938dc5984c4b8a8cf7f24f7",
"created_at": 1733886015,
"kind": 1,
"tags": [
[
"imeta",
"url https://asdf.donotsta.re/media/c7b545094c76d3f2b139eb3c91d7b015e8a18c917f7ea1b13654b35c385dbbf4.png",
"m image/png",
"dim 965x112",
"blurhash 412~}#Tu.SKspn"
],
[
"proxy",
"https://donotsta.re/objects/9b90b9e1-9c18-4b44-a0cc-fe43597c86e8",
"activitypub"
]
],
"content": "i’m always weirded out by sites reminding me to “download my recovery codes”\n\nwhat the fuck github. those are supposed to be secret and never revealed after the first 2fa setup.\n\ngiving out 2fa codes to anyone with a valid cookie is just… uh. it feels wrong\n\nhttps://asdf.donotsta.re/media/c7b545094c76d3f2b139eb3c91d7b015e8a18c917f7ea1b13654b35c385dbbf4.png",
"sig": "4ff9eaaa3bb31a3402a924a51b3b5510c2fbf8d204ece718ef29b45ded439a3cf77abd1e41d16e89295ace2f56a825f90abddc3019f6543c0816e201954fe6bd"
}
