Y
Hacker News
new
|
ask
|
show
|
jobs
by
randac
1369 days ago
This is fine as long as you notify the account holder based on both a failed 2FA OR just ignoring the 2FA prompt rather than making an attempt.
Personally I don't know enough to know if that's the case?