this post was submitted on 10 Jul 2023
46 points (97.9% liked)

lemmy.ml meta

1406 readers
1 users here now

Anything about the lemmy.ml instance and its moderation.

For discussion about the Lemmy software project, go to !lemmy@lemmy.ml.

founded 4 years ago
MODERATORS
nutomic@lemmy.ml
46
I'm going to assume the admins here all have 2FA on their accounts, right? (lemmy.ml)
submitted 2 years ago by tryagain@lemmy.ml to c/meta@lemmy.ml
22 comments fedilink hide all child comments
 

Right guys?

you are viewing a single comment's thread
view the rest of the comments
[–] spiderplant 3 points 2 years ago (1 children)

Really curious to see how they kill the existing tokens, and whether admins have tools to easily clear all sessions. On one of the Matrix chats someone suggested that the tokens have a one year expiry date!

[–] TheSaneWriter@lemm.ee 2 points 2 years ago (1 children)

The servers should theoretically have a way to murder the tokens, but I'm not sure how Lemmy has implemented authentication so I don't know for sure.

[–] spiderplant 2 points 2 years ago

Looks like you're right, admins will just need to update the JWT secret.