Security -Adding 2FA?

I just had some sort of security breach on my account suddenly the rust submission was the latest in my profile though I haven’t touched it in ages and the the same email I used on exercism was used to try to reset my facebook account. Could a 2FA method be established for exercism?

In the meantime I changed my password changed api keys changed my email on the account and locked my Facebook account.

You could sign on using, say, your Github account which has 2FA set up.

1 Like

Omg you’re right. I’ll do that. Will that lock the email from working?

I think there’s some way to “port” your account from a raw email to Github. I think it can be done via the website but I’m not 100% certain. It might require asking iHiD to do it for you.

That’s likely because we’re currently rerunning all Rust submissions through our systems and it will have been retested and its status will have changed as a result. It shouldn’t really be bumped to the top of your profile, but it’ll be this rather than a security issue.

I don’t think I could. Accounts that are created via oauth have random passwords set, but you could still recover password to get a new one etc.

Potentially, yes. But I’m not sure it’s a thing I want to do, as we wouldn’t have the resource to “fix” people’s account when they lose their 2fa device, etc, and get locked out. From my experience (of losing my own!) it’s quite a crucial part of the process, and I’m not sure I want to deal with another wad of emails from pps etc.