I received a popup inviting me to enable 2FA when logging in. I declined, and looked for it later, and cannot find anything at all. However it it’s 2FA to your phone, not TOTP or hardware key.

Hi,

FA does have Google Authenticator type 2FA OTP (6-digit PIN), but it only can be set up when offered.

When FA switched to e-mail authentication, I was hoping for true 2FA OTP. A few weeks later, I had a login popup offering 2FA, but it was not a convenient time for me to set that up, so I declined. Later, I looked for the setting, but could not find it.

About a month later the 2FA OTP offer again appeared on login. This time I used it. It is the typical “scan a code” or manually enter the code option for Google Authenticator, Authy, or any of the other OTP apps.

However, then things get a bit strange. Logging in now does not offer a direct link to the 2FA OTP login method, so you still have to use e-mail. Then after the e-mail login, the 2FA OTP prompt is displayed and used.

I’m not sure if is a Firefox issue, or possibly LastPass corrupting the 2FA entry fields, but it displays as 6 boxes with up/down arrows, and you have to click up/down to enter the digits. Even worse, all but the far left side of the digits is hidden by the up/down interface, so you have to carefully click and count. The last digit is even stranger. There is no “enter” function, so each time you click on the last digit, it “fails” with a bad code, but then lets you click again and try the next digit. Very strange. It’s either Firefox or LastPass, and I haven’t bothered troubleshooting yet. The short-term, less secure method is simply to not clear FA cookies automatically on each shutdown so login remains for the 30 or so days.

The help and FAQ is definitely outdated. Most of the text there refers to the old original mobile phone text method (text or SMS?), not e-mailed codes. The option on the account page to change password or configure security options have not been there for years I believe.

To be clear, the “Sign in with Google” option, which is one of the three methods (Google, Apple, or e-mail), is NOT a way to directly sign in using a “Google Authenticator” or Authy type 2FA OTP 6-diggit PIN. That seems to be just a way of signing in by linking your FA account to a Google account, which is definitely not a very secure option. I prefer to keep things separate.

I am hoping FA eventually gets this all streamlined a bit! Like many, I would prefer a FA user/password login option that works directly with the already created 2FA OTP codes.