aussiematt@lemm.eetoTechnology@beehaw.org•Elon Musk goes low against Zuckerberg as Twitter-Threads spat intensifiesEnglish
22·
1 year agoHe called Zuck a cuck?
He called Zuck a cuck?
Very good. I think a feature where a user can revoke all their cookie sessions is still worthwhile, and maybe I’ll look at raising a feature request for that, but it is good to know that cookies stolen during the recent hack have already been addressed.
It seems there is no way in Lemmy to invalidate all your session cookies? Without that, how can you secure an account which has a stolen session cookie?
If I had more time, I would have written a shorter comment…
The TOTP feature in Bitwarden works, if you paste in the whole
otpauth://
URI to Bitwarden’s Authenticator Key (TOTP) field. The URL specifies that the hashing algorithm should be SHA256. If you just import thesecret=
value into Authy, it probably defaults to using the SHA-1 algorithm, which may be why the codes generated by Authy don’t work.SHA256 is more secure than SHA-1, which I guess is why Lemmy has chosen to use it for its 2FA feature.