lemmy.world is a victim of an XSS attack right now and the hacker simply
injected a JavaScript redirection into the sidebar. It appears the Lemmy backend
does not escape HTML in the main sidebar. Not sure if this is also true for
community sidebars.
[https://sh.itjust.works/pictrs/image/707c0f16-3d5c-4888-b865-34228d968ee6.png]
Mine just won’t enable it at all. I have it set up on my other account, but this one when I hit save nothing happens.
That is one of the issues… if you tick the box to enable 2FA and hit save, you then need to hit F5/refresh for the ‘2FA Installation link’ to appear.
Actually making use of the 2FA installation link is also not intuitive… as I said I’ll try and post a sequence of screenshots tonight with a fresh test account to show the process.
That didn’t work, but I have solved it. I had to take the emoji out of my display name. No idea why that has any impact, but it did.
i’ll be damned if I’m removing my identity just to protect my account
I’ve been playing around and it’s only some emojis it has a problem with. Your bagels are safe.
Mine worked with emoji. You can continue to be you.
The 2FA system might just be prejudiced against birds. I tried putting it back in after it was set up and it won’t save my settings if the emoji is there. It’s very weird.
Can you move the bird to the back of your name and test?
It won’t let me put it anywhere in the field. A bagel or a smiley face are find, but I can’t do the bird, or a black cat. It might be something to do with the specific emoji - both the black bird and cat are a standard bird/cat paired with a black square which display as a single emoji on some systems.
At a guess your emoji is part of a a newer unicode table and something in the lemmy backend has an older version that doesn’t include it.
thank you, and the 2FA set up was actually the easiest i’ve ever set up on iOS. a little too easy …