They been redirecting to lemon party and some weird video. Do not go to the website. This is the admin that been hacked:

EDIT: lemmy.blahaj.zone also compromised!

  • PenguinTD
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Is there a way to not do email verification but still using 2FA? That way, even if a user’s account is somehow phished/compromised, it won’t compromise their other accounts.

    • TruckBCMA
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I just successfully set up 2FA for an account on another instance that doesn’t have a verified email without any issues, so there’s no need to have done email verification to use 2FA.

    • elscallr@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Absolutely you can do no phone/email and MFA. It’s a TOTP thing like Google or Microsoft authenticator. The service doing the authentication has no idea how it’s done on the other side, it just makes sure the codes match.