How could 2FA be disabled if you need 2FA in order to login to disable it and my free OTP+ is biometric protected?

  • Dark ArcA
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    2
    ·
    edit-2
    3 months ago

    Going to need a lot more context than that.

    I’m sure site admins could just clear the 2FA field if they wanted. Would they? IDK, probably not unless they had good reason.

    Could someone steal your session information and disable your 2FA with that? Yeah, but I doubt they did, you’d have to have your system compromised or some kind of cross site scripting.

    Did you use any shady lemmy clients?

    etc