top | item 29430580

(no title)

aj3 | 4 years ago

Right. Session is stored either in cookies or in Local Storage. Both get cleared when you "clean cookies". If there is no device session, next time you're trying to log in, service will ask to show the second factor (so that hacker can't steal your account through finding the password on some other website).

Firefox didn't work, because person deleted session and didn't have second factor (nor backup auth methods). Chromium worked, because it still had device session.

I'm traveling and using TOR and VPNs just like everybody else and haven't faced any issues. There most definitely is a problem with communicating security/accessibility tradeoffs to the public though, so I'm not putting blame on the op here.

discuss

No comments yet.