I’m not sure how this happened by my 2FA (OTP) password is no longer working and I can not get into my account. Is there a way to reset it?
Account email: nick@brevity.io
NOTE: flyctl is still authenticated. Can I use that to temporarily disable 2fa on my account?
Also, I’ve sent an email to support@fly.io 11 days ago and I still have not gotten any response. Please help me get back into my account!
Ah. Hopefully someone from Fly will see this soon and help you out.
I would assume 2FA backup tokens are in the roadmap. Those would be very handy in a case like this.
I’m currently being locked out due to the same 2FA failure: it was working and it stopped working one day…I have already sent an email to support@fly.io and it has been 7 days without any response. My email is o@owenou.com.
thanks for the reminder! Emailing support@fly.io is a good idea for account issues like this.
I’ve found your email and I’ll make sure that this gets to the right people to get you set up as soon as we can.
Will you get me connected to the right people as well? I’ve been waiting for weeks!
Thank you!
The support replied to me. But in order to get back to my account, I was asked to send a picture of my passport and the last 4 digits of the credit card over the email…
My 2fa was working and I stored it in 1password. Nothing was changed on my end and it suddenly stopped working one day, similar to the exp of @nicksrandall. Now I’m asked to send you a picture of my passport and credit card nums to unblock myself. This is disappointing…Not only it’s unsafe to share sensitive info over an email, but also it sucks that customers did nothing wrong and were asked to do a bunch of things to prove themselves.
I have asked in the email to deactivate my account o@owenou.com so that no further changes are made to my credit card. I hope fly.io can really improve the auth story.
Hi Owen! First, I know this is a shitty situation and it would also frustrate the heck out of me. Second, we are going to get you a better channel to share your identifying documents today, it is totally reasonable to be hesitant about sending those docs over email.
This is an unpleasant policy to deal with, but it is very important that we verify peoples’ identity when we reset 2fa for them. We cannot just do this with email, 2fa exists to protect peoples’ accounts when their email address has been compromised.
The industry standard for verifying someone’s identity is to ask for a copy of a passport or US driver’s license. What we’re asking you to provide is exactly what AWS would request if they were resetting 2fa.
Unfortunately, we also can’t delete your account data without verifying your identity. This is, again, to protect peoples’ data when their email has been compromised.
I understand that this is probably not what is happening here and you’re just trying to get unstuck, but we cannot bypass this policy.
Since you do control your credit card, you have a path forward here. You can dispute the last payment you made to us. That will trigger account closure for non payment. Note that this sucks for us, it costs us quite a bit of money and loses a customer. That said, this is exactly what you should do if you’re not comfortable verifying your identity with us.
Hopefully that makes sense. I’m very sorry we don’t have a better answer for you.