JeffCraig

Lemmy's initial implementation of 2FA is not that straightforward and users can easily lock themselves out of their accounts. Please be careful if you decide to enable 2FA.

I personally suggest avoiding 2FA for now until it's working more consistently. There are several feature requests to force 2FA code confirmation is working before it is enabled and those are a bare minimum before this feature is functional.

If your account is locked out due to 2FA issues, please email contact@citizensgaming.com and include 2FA Lockout in your email subject.

2FA Setup Process

DO NO LOG OUT AT ANY POINT DURING THIS PROCESS UNTIL AFTER YOU'VE VERIFIED THAT YOUR 2FA KEYS WORK VIA STEP #8!

1. Click your Username in the top right of the site and select Settings.

2. Scroll to the bottom of the page and check the Set up 2-factor authentication box.

3. You should see the following alert pop up at the bottom of the screen:

4. The page will not automatically refresh. You will need to refresh it manually.

5. After a page fresh, you will see a new button at the bottom of Settings:

6. Clicking on this link does nothing. You need to right-click and copy the link to get your OTP secret key. Your clipboard should now have a URL in it that looks like this: otpauth://totp/Citizens%20Gaming:Test?secret=THISWILLBEWHEREYOURSECRETKEYWILLBE&algorithm=SHA256&issuer=Citizens%20Gaming

7. Depending on the app you use, you'll either need to paste the entire URL, or just the secret key, into the manual setup fields of that app.

8. Open an incognito browser and attempt to log into your account. You should be prompted for your 2FA code during login. If it works, you're good to go.

9. If 2FA is not allowing you to log in, go back to your main browser window and disable 2FA via the Settings page. Wait for updates and try again in a few months.

2FA Apps That Should Work

Android

• Oracle Mobile Authenticator
• Auth0 Guardian
• Sophos Authenticator
• FreeOTP Authenticator
• Google Authenticator
• 1Password

iOS

• Oracle Mobile Authenticator
• IBM Verify
• Sophos Authenticator
• FreeOTP Authenticator

Apps that appear to not support SHA-256

• Microsoft Authenticator
• LastPass Authenticator
• Duo Mobile
• Authy
• 2FAS Auth

It's always great to witness the Bengal in all it's glory, even if it's only at 10fps 😆

From July 6th through July 17th, all current, returning, and new citizens will be able to partake in the Foundation Festival. Full details can be seen on the RSI Support website.

The following ships will be available to all players during this event:

• 600i Touring
• Caterpillar
• Cutlass Black
• Cutlass Red
• Freelancer
• Gladius
• Mercury Star Runner
• Prospector
• Razor
• Starfarer
• Valkyrie
• Vulture

Additionally, for players that partake in the Guide System (until the end of July) will receive exclusive rewards (in-game hats and ship paint jobs). More details have been posted in Spectrum.

Last night, several Lemmy instances (including lemmy.world) were breached and defaced. More details can be found here: https://lemmy.ml/post/1901079

This breach only affected instances that had custom emoji configured. I hadn't gotten to setting those up yet here, so this instance should not be vulnerable.

A fix for this vulnerability has already been created (https://github.com/LemmyNet/lemmy-ui/pull/1897) and as soon as 0.18.2 is released I will upgrade to it here.

This post will help keep the community up to speed on platform updates as they get rolled out. Feel free to create individual discussions in the Support channel if you are facing any issues with a particular build.

Current Lemmy version: 0.18.3

Version Changelog:

• 0.18.1 - Initial installation version.

• 0.18.2 - Upgrade performed on 7/12/2023 without any issues.

• • 2FA appears to be working fine on 0.18.2. If you want to use it please read this post about it.

• 0.18.3 - Upgrade performed on 7/29/2023 without issues.

• 0.18.4 - Upgrade performed on 8/11/2023 without issues.

Defederation is a hot topic in the fediverse, so I want to make sure cover it here appropriately.

I personally don't have a strong stance on this subject. I believe that instances with a large population of bot users and ones that don't moderate illegal content should be defederated to protect the rest of the fediverse. Beyond that I believe it should be up to the individual communities to decide who they wanted to be connected too. To that end, here is the current process for putting an instance up for defederation:

Submitting a defederation request

To suggest an instance for defederation, respond in this thread with the following information:

Instance domain name:

Reason why it should be defederated:

If the post receives a positive vote ratio, the admin and mod staff will have a discussion and decide on whether it should be defederated.

Suggestions and improvements for this process are welcome, but please keep them to a single thread on this post so that it's easier to find the new instance reports.

Current Defederation List

You may check the Instances page for a current list of federated and defederated instances, but I'll also keep a list here for more details.

The following instances are defederated for questionable (potentially illegal) content, an aggressive userbase or for being a large corporate entity:

• Exploding-heads com
• lemmygrad ml
• burggit moe
• lemmy burger rodeo
• threads net

The following instances are defederated due to inundated with bot accounts. These were detected with the Lemmy Overseer service, which I'll check weekly to see if instances need to be added or removed:

• ttrpg network
• lemmy shwizard chat
• lemmy fyi
• cubing social
• fedit io
• lemmy cloudsecurityofficehours com
• dot surf
• veenk help
• clatter eu
• lemmy easfrq live
• mindshare space
• news deghg org
• lemmy primboard de
• theotter social
• thediscussion site
• lemmy podycust co uk
• narod city
• wumbo buzz
• lemmy jtmn dev
• oceanbreeze earth
• bolha social
• bbs darkwitch net
• lemmyunchained net
• voyager lemmy ml
• demotheque com
• baomi tv
• lemmy fedi bub org
• granitestate social
• lemmy tedomum net

In order to ensure that this Lemmy instance is able to keep up with our necessary moderation tasks, community creation is restricted. For now, I’ve created a few basic and very general communities. If you have suggestions for additional communities, feel free to post them here!

Before we create a new community, we will require that a certain number of ardent moderators have volunteered to handle that community. Keeping things moderated is one of the main tenants of keep the fediverse healthy. If any communities become unmoderated and unruly, they will need to be pruned from the instance.

In the last ISC for this quarter of the year, CIG drops a massive drama bomb on the community with the reveal of how they will be replacing Port Olisar.

To get the best experience out of this instance, subscribe to the communities that you want to see content from.

Here are some suggestions, but you can always see the full list by visiting the Communities page:

!screenshots@citizensgaming.com - for in-game screenshots.

!videos@citizensgaming.com - for video related content.

!community@citizensgaming.com - discussion around this Lemmy instance.

!support@citizensgaming.com - support for this Lemmy instance.

!off_topic@citizensgaming.com - anything else unrelated to SC.

In order to ensure that we can keep up with moderation, community creation is restricted. If you have a suggestion for additional channels, feed free to let us know in the Community threads.

For support please email contact@citizensgaming.com.