Hacker News new | past | comments | ask | show | jobs | submit login

Unrelated to this particular snafu but still potentially problematic: if you have your Authenticator account named by its default name (foo@example.com) and you add another account with the same key, it will be blindly overwritten. I found this out the hard way after scanning my Meraki 2FA QR code that was tied to the same email that already had Google 2FA.

ProTip: rename your auth entry to something like "Gmail foo@example" to avoid this problem, whether malicious or accidental.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: