30
submitted 5 months ago by humuhumu@lemm.ee to c/privacy@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] humuhumu@lemm.ee 2 points 5 months ago* (last edited 5 months ago)

Do you mean individual 10 second 6 digit codes?

no, the underlying secret

[-] NovaPrime@lemmy.ml 2 points 5 months ago* (last edited 5 months ago)

Change your shit asap. Anyone who has access to it can theoretically auth as you on any site or product that uses that 2fa setup. They would still need to have your underlying credentials that would initiate the 2fa protocol exchange anyway, but if they have access to your underlying 2fa secret, its not too far fetched to believe they may have other credentials potentially, depending on how you've secured the access and where you store your credentials. To be safe and not paranoid, it's best to just do a root trust rotation and cycle the underlying auth creds

this post was submitted on 17 Jun 2024
30 points (85.7% liked)

Privacy

32008 readers
1001 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS