Ahh i had this with a hungry shark world account. I was huge on the game, grinded insane from the start of the game so i had a ton of shit that was only available in older versions and when i moved to a new phone and wanted to restore the backup it overwrote it losing me years of data. Snorted copium for a few weeks but gave up after. Never played it since then.
this post was submitted on 06 Oct 2024
55 points (92.3% liked)
196
16511 readers
2363 users here now
Be sure to follow the rule before you head out.
Rule: You must post before you leave.
founded 1 year ago
MODERATORS
Sorry about that, but thank you for this post, I had no idea Lemmy finally implemented 2FA.
EDIT: On second thought, there actually is no way to generate a recovery code, so I think I’ll wait a little longer.
OK, I recovered it. It seems Lemmy (at least 0.19.3) has no rate limiting for trying 2FA codes.
Edit: Fixed typo (seem -> seems)
Oh, this doesn’t sound very secure
recovery code tip: just save the secret it gives you and then you can put it in another app
That’s actually not a bad idea, thank you!
If you used GDrive, it might have kept the old backup but version controlled it instead of deleting it.
Perhaps, but it seems this is a hidden portion of Drive that only the app itself can access.
Check to see if it's an orphaned file. https://support.google.com/drive/thread/236647252/what-is-an-orphaned-file?hl=en What is an orphaned file? - Google Drive Community
Nope, but thanks.
It uses the hidden appDataFolder and it seems the files in it can only be accessed via those apps.
I found some more (but old) info here: https://stackoverflow.com/questions/22832104/how-can-i-see-hidden-app-data-in-google-drive
Maybe I could figure out something from those examples, but based on Google there's just mere 4KB of data. That doesn't sound promising.
I had realized after I posted that. Didn't actually edit the comment.
@[email protected] Try either emailing the sdf membership email address or sshing onto one of their hosts and posting on BBOARD.
Edit: …if you haven’t already
Already did, but thanks.
I remembered them resetting 2FA (per-request) when Lemmy used I think SHA256 instead of SHA1 and a lot of people got locked out.
Well, there’s no karma so if you’ve saved threads or comments, I’d quickly archive those somewhere. Then just link to this account in your new account bio
Fun fact, lemmy does have a karma system, it's just hidden from the interface! There's even a public API method that you can use to check your karma.
spoiler
i did the same thing but in reverse, the link text was the rickroll url, but it went to the api page instead
Thanks, good to know! I like how easy it is to check
Wow, mines much higher than I thought!
This is why more sites need to support multiple 2FA devices. Most of them support a fallback like SMS, but they restrict you to one key. I can't think of any reason to restrict this other than trying to "keep it simple" for users, which is just silly.
I yearn for a day user agents can not suck. Backups and syncing should not be this hard!
This is why i like physical hardware keys
Or implement backup codes. I have backup codes for sites like Google. They are some longer single-use codes that can be used to login and reset 2FA. A lot of sites have that.
But yeah, I never thought of multiple keys. I could simply enroll and un-enroll each device. Safer and more convenient.
I think everywhere I use 2FA they also have downloadable backup codes, but you have to store those securely somewhere also.
Pro tip: if you have nextcloud you can set aegis to backup to a folder synced to the cloud, giving you automatic cloud backups. It can keep multiple copies too to prevent a situation like that happening.
But yeah, sorry that happened, hope you find another way to access those accounts.
I do this, but with keepass (keepass on all devices and then sync with nextcloud). Saved my butt a few times, I can go into the file history and pull an old version of the keepass db out of it, and then keepass has a merge feature, so I can pull the old file out, and merge with current to find missing records.
Anyway... backups good.