Hacker News new | past | comments | ask | show | jobs | submit login

Does that mean you go through an extra authentication flow to enroll the new device? Otherwise it's not 2FA, it's just telling you after the fact that someone got into your account.



Yes you have to authenticate any new devices from one of your existing devices.


Last week, I logged into Keybase from a brand new iPad without any authentication challenge from a trusted device. As far as I can tell, there is no second factor.


If you log into the website, there is no second factor. If you already trusted a device, there isn't a seecond factor either.


Did you use a paper key?


Just used username and password.


That's weird. Almost all the nodes on your graph are signed by your PGP key 'F155E778FA657400' or the paper key 'above sleep'. The rest were signed by other devices, or were the original node...

https://keybase.io/gluecode/graph


I did the same thing via browser on a new laptop. Just l/p




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: