top | item 30010072

(no title)

presty | 4 years ago

yes, they literally logged everyone out, removed 2FA, and on the new login, users had to re-add 2FA

discuss

cornedor|4 years ago

Wouldn't this also allow an attacker to add his own 2FA?

Scoundreller|4 years ago

Doesn’t really matter if your 2FA keygen algo got completely compromised.

nefitty|4 years ago

This is hilarious. This company is literally at the apex of the crypto industry and this is the kind of mistake they make. Yeah, immutable smart contracts written by their fellow proponents will also save the world lol

eswat|4 years ago

> users had to re-add 2FA

And you are not asked to do this while logging in again. It is assumed you know why you have to reauthenticate and that you have to re-add 2FA in your app settings…