Hmm.

mhoye@cosocial.ca

Hmm.

So, hypothetically speaking if I had an online service send me a 2FA code, and I typed it in and it wouldn't work, so I hit the "re-send code" button and it sent me the same number again... what should my reaction be here?

nilajones@zeroes.ca

@mhoye

I'm curious to hear responses from people who actually know stuff!

Myself, I would assume the login system is down, and try again tomorrow

owen@mastodon.transneptune.net

@mhoye Was it within 30/60/90s of the first code? If yes, then mild irritation. If no, then significant alarm.

srlevine@neuromatch.social

@mhoye Make sure you aren't me typing in the weird number code those services use in place of a phone number rather than the actual 2FA number. I've done that more than once. sighs heavily

tychotithonus@infosec.exchange

@mhoye "Hmm, someone's clock is off"

But in theory, there's supposed to be like 30s of slush time on either side for exactly such drift.

But if the app also has a "check a log for recent logins" feature, might be good to make sure someone else didn't use it.

grmpyprogrammer@yac.grumpy-learning.com

@mhoye Pull open the nearest curtains and see if they have modified the Matrix to prevent your escape