How could 2FA be disabled if you need 2FA in order to login to disable it and my free OTP+ is biometric protected?

    • Lightscription@lemmy.worldOP
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      This is what I thought. I keep telling people they don’t exclusively own their passwords / security tokens once they give it to a site. Salted hashes to obscure the pw don’t even matter since the admin could also bypass that. Tanks for the validation.