I use FreeOTP+ which is supposed to be developed by people from the Fedora project and is protected by fingerprint on Pixel. I discovered that my 2FA was disabled on lemmy.world after I logged out and then logged back in a day later instead of just keeping the auth cookie active in Vanadium. Since 2FA is required to change settings, how was this accomplished and what can I do to ensure that it doesn’t happen again?
2FA has been restored for all LW users that had it enabled before and didn’t reactivate it on their own since.
There will be an announcement posted later on explaining what happened.
edit: announcement is out: https://lemmy.world/post/18503967