Skip to content

E-Mail Change Caused 2FA Authentication Lockout #93

Description

@gourdcaptain

Steps to Reproduce

  1. Change e-mail addresses from one you have previously verified.
  2. Typo it as "gourd@..." instead of "gourd753@..."
  3. omehow in a frenzy of trying to get this to change to happen cause it to lock into the new address, unverified, but with 2FA still enabled.
  4. Due to the lack of recovery codes, you cannot log in again to any new systems due to the 2FA going to a black hole address.
  5. You cannot change e-mail addresses from your system which is still logged in, getting an error of "This feature is not available when signed in with OAuth. Please manage your account through your hosting provider's website."
  6. Since you control the new domain (albeit it's hosted by Fastmail), set the address to point to a valid inbox. Validate this works by emailing yourself at gourd@...
  7. Then hit "resend e-mail" and watch nothing happen. Maybe I got spam limited somehow.

welp

Attachments

Blacksky Error.png

What platform(s) does this occur on?

Web (Desktop)

Device Info

Debian 12 Linux desktop

What version of the app are you using?

Build version: 1.122.0; Bundle info: 7cbab2b (prod); Bundle date: 26050722; Platform: web; Platform version: 0.0.0; Device ID: 0f3c20aa-f7eb-4dd4-a825-121b92de3bff

Additional Information

Account gourd.myatproto.social

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions