Janice SticklesNov 12, 2022
Dr. Jorge Caballero

If the traffic hitting the fedified.com firewall is any indication, Putin has activated his cyber minions.

For those who are just getting started on Mastodon, especially if you have a large following, I urge you to enable multi-factor authentication on your account here and on Twitter

#TwitterMigration #ShieldsUp

Nov 8, 2022 at 11:44amWeb
Show threadMisaMisa โœ…Nov 8, 2022

@DataDrivenMD

Good plan!

Hmm tried to do this but got message
Maybe someone can help me?

Show threadJosh SorefNov 8, 2022

@MisaMisa @DataDrivenMD are you comfortable using 2FA / the 2FA app you're using, or is this your first foray?

I know of a couple of ways it can mess up in general and some specific to certain 2FA apps... It looks like Mastodon at least tries to cover one rough edge in its messaging. (Yay!)

Which app are you using to generate tokens?

Show threadBarbara Nov 10, 2022
@MisaMisa Check if your device's time is correct and in the same timezone as your physical location, and if not, fix it. I find time.is to be practical.
Show threadThing1withThing2Nov 11, 2022

@MisaMisa @DataDrivenMD

Same here.

Have you found a solution?

Show threadMisaMisa โœ…Nov 12, 2022

@Thing1 @DataDrivenMD no sorry

I'll have another look and another go this weekend

In the meantime I gave myself a green tick ๐Ÿคฃ๐Ÿ˜‚

Show threadjaybirdNov 8, 2022
@DataDrivenMD I'm unable to perform several basic functions on the mstdn.social server. I can't enable the multi factor authentication, upload images and pages are painfully slow to load. It may be time to find another server and if problems continue, maybe this isn't for me.
Show threadDr. Jorge CaballeroNov 8, 2022
@jay2216 this server has been struggling for a couple of days
Show threadPJ "Vote Green" CoffeyNov 8, 2022

@jay2216 @DataDrivenMD I joined .lol and literally couldn't even log in. I thought it had folded!

Active users on Mastodon are matching active users on Twitter and that's going to be a huge surge for non-specialist servers.

Show threadAlan Wright ๐Ÿ‡ฌ๐Ÿ‡ง ๐Ÿ‡ฎ๐Ÿ‡ฒNov 11, 2022
@jay2216 @DataDrivenMD no problems here on c.im just move your account as per the docs, set up a new account on c.im them got back to old account, downlaod your followers csv, in the move box put your new account and old password and it will start the server to server migration, go to your new account and upload your csv followers file, your posts and images don't transfer.
Show threadjaybirdNov 11, 2022
@LordFlashheart @DataDrivenMD This server has worked out it's problems.
Show threadAlan Wright ๐Ÿ‡ฌ๐Ÿ‡ง ๐Ÿ‡ฎ๐Ÿ‡ฒNov 11, 2022
@jay2216
They usually do.
@DataDrivenMD
Show threadFuzzyBlackSheepNov 8, 2022
@DataDrivenMD This needs to become the standard practice for anyone creating accounts online. Unique passwords and 2FA. It is always the first thing I do. #Bitwarden for password generation and storage. It will also store my 2FA backup codes. There are other equally great options as well. #personalOpsec
Show threadBLACKVOID โšซ๏ธNov 8, 2022
@FuzzyWuzzy @DataDrivenMD #bitwarden for the win! Love it! Well said indeed!
Show threadScott Weston (srw)Nov 8, 2022
@FuzzyWuzzy @DataDrivenMD but if #BitWarden was to be compromised won't they have both your password and your 2fa and so full access to your account? I think prefer my NFC Yubikey for my 2fa.
Show threadFuzzyBlackSheepNov 8, 2022

@scott @DataDrivenMD good thing #Bitwarden offers 2FA. Though I am pretty confident that they also encrypt my master password which is also soley unique along with the email address that is only used for bitwarden.

My problem with Yubikey and other physical device tokens is that they are a major headache if you ever lose one. Which is what happened to me when I lost my keychain over the side of boat.

Show threadScott Weston (srw)Nov 8, 2022
@FuzzyWuzzy @DataDrivenMD I went with a 2nd Yubikey I keep in sync and in a safe, but yes it would be a pain to lose but to me it seems better than storing passwords and 2fa creds in the same place ๐Ÿ˜‚
Show threadFuzzyBlackSheepNov 8, 2022
@scott @DataDrivenMD I don't know of anyone capable of breaking AES 256bit encryption without the key. And since I have the key (which is also encrypted), my #bitwarden vault is safe. This isn't business needs here. I have hard tokens for those needs. But for my personal life, a soft token (TOTP authentication app) is plenty safe. And storing them together in an encrypted vault is fine. If you didn't know, bitwarden can be hosted on your private server if so deisred!
Show threadScott Weston (srw)Nov 8, 2022
@FuzzyWuzzy @DataDrivenMD yeah I use bitwarden for my lower priority stuff that I just need sync'd everywhere (mostly smartphone app fluff ๐Ÿ˜†) and my important stuff is in self hosted gopass (so git+pgp) because I'm a massive nerd ๐Ÿคฃ
Show threadJef Kazimer๐Ÿ˜ถโ€๐ŸŒซ๏ธNov 8, 2022

@FuzzyWuzzy @DataDrivenMD honestly, if a site is using passwords I would say they should require MFA. I don't think telecom methods should be used and like to see the use of TOTP OATH apps, #fido2 and now #passkey

Things start to change when people choose to make change and as a service provider choosing to require MFA is a good step.

Show threadPermagricultureNov 8, 2022
@DataDrivenMD Would it be possible to add a .csv export so they could be imported?
Show threadtronicumNov 8, 2022
@permagriculture to export what?
Show threadPermagricultureNov 8, 2022
@tronicum
The list of verified Twitter users from https://fedified.com
Fedified โ€” Notable Twitter accounts on the Fediverse

Protecting public figures, journalists, creators, companies, and brands on the fediverse by verifying common ownership of Twitter Verified and Mastodon accounts

Mastodon ๐Ÿค Twitter Verified โžก๏ธ Fedified
Show threadtronicumNov 8, 2022
@permagriculture that explains why copy and paste :verified: didn't work
Show threadPermagricultureNov 8, 2022
@tronicum Does it?
Show threadtronicumNov 8, 2022
@permagriculture it does not get rendered. Just shows :verified:
Show threadNumero_unoNov 8, 2022
@DataDrivenMD YAY!! A blue check โœ”๏ธ!!!
Show threadMichael ToulouseNov 8, 2022
@DataDrivenMD Has anyone else tried enabling 2FA via text message on Twitter this morning? I tried, but never got a code. I wonder if it's yet another thing that broke in the downsizing. #twittermigration
Show threadPantstrovichNov 22, 2022
@MichaelT @DataDrivenMD I heard that it is no longer supported, because the staff of that sector are no longer there. You may be locked out of your account.
Show threadMichael ToulouseNov 22, 2022
@Pantstrovich @DataDrivenMD Fortunately, 2FA still works for logging in & logging out because I use an app. But when I try to archive my tweets I get prompted for a code, which never comes.
Show thread2mamiliNov 8, 2022
@DataDrivenMD this ^^ is a very important advice. Do this immediately.
Show threadGerbrand van DieyenNov 8, 2022
@DataDrivenMD on the upside, this also means Mastodon is getting more popular 
Show threadDr. Jorge CaballeroNov 8, 2022
@gerbrand indeed!
Show threadRob EastonNov 8, 2022
@DataDrivenMD @cymplecy done!
Show threadDiana Barbosa ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡ต๐Ÿ‡ธNov 8, 2022
@DataDrivenMD I was going to, but the whole QR thing is too messy. Maybe there's another way to protect your account? ๐Ÿ˜ @brunomiguel
Show threadJohn Ryan ๐Ÿ‘จ๐Ÿปโ€๐Ÿ’ปโ˜ธ๏ธ๐Ÿพ ๐Ÿ˜Nov 8, 2022
@diraquel @DataDrivenMD @brunomiguel Genuine question: what makes the QR part "too messy"?
Show threadDiana Barbosa ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡ต๐Ÿ‡ธNov 8, 2022
@jtigger @DataDrivenMD @brunomiguel for one, I don't know why, QR codes work awfully in my phone. Then, there was an alternative text code but I could not understand how was I suppose to use it. The SMS system seem more straightforward to me.
Show threadJohn Ryan ๐Ÿ‘จ๐Ÿปโ€๐Ÿ’ปโ˜ธ๏ธ๐Ÿพ ๐Ÿ˜Nov 8, 2022

@diraquel @DataDrivenMD @brunomiguel got it. Yeah, that sounds irritating.

FWIW, I'm using a password manager (1Password) that does most of the work. *It* scans the QR-code and saves off the seed... and integrates with both my phone and browsers on the desktop to paste in the 2FA codes.

If that seems feasible in your situation, I highly recommend it.

Show threadNeurofrontiersNov 8, 2022
@DataDrivenMD I had gotten lazy with this, just did it now. Thanks a lot!
Show threadAlexey SkobkinNov 8, 2022
@DataDrivenMD
Yeah, I think Putin is definitely interested in Mastodon.
Show threadPhoenixGroupNov 8, 2022
@DataDrivenMD how?
Show threadKarenmaryoNov 8, 2022
@DataDrivenMD Iโ€™m still trying to figure out how to follow and find my people ๐Ÿ˜‚
Show threadZack KrNov 8, 2022
@DataDrivenMD
It's a good idea ๐Ÿ’ก
Show threadpostmodernNov 9, 2022
@DataDrivenMD they might also be trying to compromise fedified.com or debirdify.com to then gain access to people's Twitter accounts via the granted app permissions. Make sure to logout of Fedified/Debirdify when you're done using it. Double check any app permissions you've allowed on Twitter or Mastodon (under Edit Profile -> Development).
Show threadAndrew Jon ThomsonNov 9, 2022
@DataDrivenMD can anyone point to a detailed explanation of exactly how to do that for beginners because itโ€™s very different from all the 2Fa systems Iโ€™ve encountered before and when someone explained to me how to deal with it I didnโ€™t understand a word they said.
Show threadCraving WafflesNov 9, 2022
@DataDrivenMD Tell me more about the flying monkeys hitting the firewall. ๐Ÿ˜Š
Show threadZagreeth ZeedramaNov 9, 2022
@DataDrivenMD Hi, trying to enter the google auth code but going round in circles as I need to exit mastadon to generate a code and each time I go back to enter the code it's reverted to the beginning of the process again and the auth code has changed. Any advice most welcome, thanks
Show threadSteven SchwinghamerNov 10, 2022
@DataDrivenMD good advice, followed it immediately. Thank you!
Show threadThe DoctorNov 10, 2022

@DataDrivenMD Cyber... Minions...

     

Show threadBarbara Nov 10, 2022
@DataDrivenMD I don's use the mobile version. Is it nevertheless recommended?
Show threadSolar PierreNov 10, 2022
Using Mauth-App. Any better Suggestions?
Show threadteledyn ๐“‚€Nov 11, 2022
@DataDrivenMD how do we enable 2FA in #Tusky? I can't find the option under settings.
Show threadDan Wentzel ๐Ÿณ๏ธโ€๐ŸŒˆNov 21, 2022
@DataDrivenMD It only makes sense the trolls and bots will try to come over to try to ruin any alternatives to manipulating people.
Show threadPantstrovichNov 22, 2022
@DataDrivenMD I thought that multifactor authentication was no longer supported on Twitter, and that if you log out while using it, that you'll be locked out of your account, because it no longer works.
Show threadDeb has moved! (see profile) ๐Ÿ‡จ๐Ÿ‡ฆNov 22, 2022
@DataDrivenMD come to Canada! The server currently is struggling too, but they're actively troubleshooting and we're very friendly! ;->
Https://mstdn.ca
Mastodon Canada

A community for Canadians, First Nations, Metis, and Inuit Peoples of the great white north.

Mastodon hosted on mstdn.ca
Show threadDeb has moved! (see profile) ๐Ÿ‡จ๐Ÿ‡ฆNov 22, 2022
@DataDrivenMD (google "switch mastodon instance" for instructions. It was easy. But your posts stay behind).