Discord: Have you lost access to your email? no worries, just regain access to it!
I would have expected them to ask me to message them, in order to resolve the issue of not having access to my old email. Instead, they assume that I still have access to it, by simply contacting my email provider!
If I could do that, I wouldn't have lost access to it through would I?
I mean... It would be nice if they put a nicer message there. But I mostly agree with that.
Look up how people social engineer their way into apple accounts and so forth. The more you put the burden on a (perpetually) underpaid CSR the easier it is to steal an account, Spin a sob story and then harass the CSR until they just reset your password so you will go away. Except there is no guarantee that is YOUR password and now we have yet another stolen account.
Also works on EA accounts. Got mine stolen through Customer Service a few months ago. But when I contact them through the email the account was set up with they don't reinstate me.
Wish there was a solution to these problems that deals with both issues.
2FA. No, not the fucking "we'll send you an SMS" bullshit that is increasingly used to just highlight an active phone number for spam purposes. Proper TOTP with the code backed up to a proper service (bare minimum, Bitwarden)
Someone can steal your password and even your email account (unless you TOTP that too...). They still can't get into your account unless you are an idiot who gets tricked into providing the 2FA key.
In a perfect world? Have your TOTP credentials in one encrypted database/Bitwarden account and your passwords in another. In reality? Just use a trusted service. I used to be a big fan of Keepass but protecting that with a yubikey (or similar) is a huge mess.
The recent push for passkeys (?) is a nice-ish middle ground. People don't need to understand how to paste a TOTP code into Bitwarden but they still need to approve a login. That said, I hate it since so much of it is dependent on a single device that can generally be opened by just applying REDACTED to the screen and doing REDACTED to narrow down the lock code significantly.
you seem to be misreading the message. if you no longer have access to your email account that is linked to discord, what the hell can discord do about it? nothing. so you have to contact the email provider's customer service to get access to your email account.
this is not just reasonable, it's the only way it could work. or do you think Google customer service will help you reset your lemmy password?
I've only had to contact them for trust and safety reports and they've been pretty responsive, despite usually not telling you the outcome (the outcome is pretty easy to find out anyway). I'm glad I haven't had to contact them for other stuff though, since I've heard it's a nightmare.
I had to deal with their T&S for my account being locked once. It was indeed a nightmare.
I consider myself pretty reserved and knew that I had never said or shared anything even remotely problematic, so I appealed, and they denied the request without even looking at it, then refused to respond to further questions (or even tell me what I supposedly did). It took me publicly complaining about the whole ordeal on social media for about a week for someone at discord to notice, look at my case, and finally realize a mistake had been made and unlock my account. They still never explained what happened.
My main email said they suspected unusual activity from me. So I need to go to my backup email, and get a code. Simple enough. So I go to my backup email which I never use. I log in, and they say "Looks like it's been a while, we're going to send an email to the backup of this account. Well the backup of the backup is the main account. So now I know the passwords for both accounts. But I can't get into either because both are pointing at the other, so I can't get into either.
I legit want an actual hacker to hack my backup and let me in, just so I can get into my main. I've had the account since 1997
Actually no. Im fine. Its just the approach to this that is bad. At least they could try. For example by charging a tiny fee and comparing credit card nubers or names on credit cards.
Is that an old person thing? I have one custom domain exclusively for my work email, and while I was at it I made one for my personal just because I could.
Discord: our platform is being abused to peddle malware via c2 channels, file repositories, etc. So to combat this problem, we’re going to ruin the customer experience!
Good luck - a lot of Discord users use freemail accounts (Yahoo, Gmail, Hotmail, etc) where it's practically impossible to contact the provider or recover a lost account.
I recently had this exact same issue with Discord, I absolutely fucking despise this platform and won't ever use this proprietary, privacy-invasive pile of shit again.