I can't imagine trying to recover a login.gov 2fa. It was hard enough to get that shit set up when they first rolled out
On Tue, Jan 6, 2026, 1:50 PM Jan-GAMs <[email protected]> wrote: > if they get your 2fa, you're screwed. > On 1/6/26 10:21, [email protected] wrote: > > Got totally scammed. Login.gov supposedly sent me a very official looking > email saying someone had logged in a few hours ago. Nobody logged in a few > hours ago. I scanned the header and it looked legit. > > > > It recommended that I change my password. Clicked the change password > button (without looking at the URL it was directing me to) and went to a > very official looking page. > > > > But it only asked for the new password once. That should have stopped me > but I still clicked. Then immediately tried to login with the new password > and I realized I was cooked. So I immediately changed passwords on sites > that used that old password and properly changed the password on login.gov > > > > I am seriously considering going to a password managers. I know nothing > about them, how they work or if they are trustworthy. I use 2FA everywhere > I can. > > > > Opinions? > > > > -- > AF mailing list > [email protected] > http://af.afmug.com/mailman/listinfo/af_af.afmug.com >
-- AF mailing list [email protected] http://af.afmug.com/mailman/listinfo/af_af.afmug.com
