- Type
- Suggestion
- Status
- Denied
I checked my email afterwards, no email and even Rocket (or Mick, forgot which one) admitted to me in a PM that it is bypassable.You don't just "bypass" 2FA. It just doesn't work like that. It's literally impossible to bypass.
Your email was probably compromised so that made 2FA useless.
To prove this, I'm even willing to create a test account, publish the password & enable 2FA. Nobody will be able to get in the account unless they have access to the email.
Do you have a screenshot of this? Both are saying they didn't say that.Rocket (or Mick, forgot which one) admitted to me in a PM that it is bypassable.
That's funny,Do you have a screenshot of this? Both are saying they didn't say that.
Yeah, XenForo has a way to get past 2FA. I believe they said it was intentional. I'd prefer not to share the methods, but it's pretty simple.I made my site wrong? I was talking about when I got hacked on these forums, the hackers were able to completely bypass 2FA so what's the point? A hacker would be able to bypass it either way.
Other BIG Forums such as Spigot use it and don't have many security flaws.It's really bad and has a lot of security flows, as well (Tapatalk, that is).
Spigot isn't classified as big, for starters. Maybe in the Minecraft industry, but we're talking forum security here.Other BIG Forums such as Spigot use it and don't have many security flaws.
