Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Those login attempts which trigger 2fa app does not generate a log entry if unsuccessful. Only attempts with username/password does. For some strange reason.

So there is no way to flag them as malicious and if you accidentally accept, then it’s already too late.

Pretty annoying setup.



I have the same issue. It’s absolutely stressful. Id also love some way to mark them as malicious.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: