Follow

Is it possible to turn off the mandatory 2FA on Mastodon (the thing where it sends you an email with a code when you log in with an unknown IP)? Because Google wants "account credentials" to test or else I can't publish any updates.

· · Web · 4 · 2 · 1

Ok so I gave them instructions on how to create a Mastodon account and that helped apparently because nightly finally got an update again.

@ConnyDuck what? Srsly? They test apps this far now... I'll take a look later if this is possible.

@leah yes this seems to be a new policy introduced a few weeks ago. Thx!

@ConnyDuck I looked at the docs, the admin panel and the code and it looks like this couldn't be disabled.

@leah Thanks for trying, I will tell them to create their own account.

@ConnyDuck A possible alternative would be using a disposable email service like for example maildrop.cc/inbox/tusky2fa, instruct them to look at that webpage to see the 2FA code.

@ConnyDuck
Seriously? To test an app they require you to drop security or else? Don't they have an email address available? How awkward for them... But yeah, I wouldn't use a Gmail account either, so can I blame them? 🙊

@IzzyOnDroid yeah I don't know 🤷‍♂️
I guess I'm linking them to joinmastodon.org, they should create an account themself

@ConnyDuck I wonder how they'll test "members only" apps e.g. from automobile clubs, which only work with valid memberships. Have them drop that requirement "or else"? Same with other apps for "closed groups", like specific corporate apps. It's good they're going to test at that level, but dropping security measures for that is the wrong approach. When I test such apps for F-Droid, I wouldn't even *think* about asking that. Also, it's part of the procedure, so they must test that as well 😉

Sign in to participate in the conversation
chaos.social

chaos.social – a Fediverse instance for & by the Chaos community