Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The blog author didn't actually have two factor authentication enabled. The headline is wrong.


You are incorrect, quote from the article:

all CloudFlare.com accounts use two-factor authentication. We are still working with Google to understand how the hacker was able to reset the password without providing a valid two-factor authentication token.


He didn't have it for his personal account. But he did have it for cloudfare.com accounts.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: