As title. I have and always had 2FA turned off in settings.
Hugely annoying. Anyone else getting the same?
Just tried logging in from a private window and also received the requirement to enter an emailed code.
I had 2FA disabled but discovered it uses an authenticator app vs email or sms so enabled it. It appears to even allows multiple 2FA devices.
A TOTP authenticator app is integrated into my login workflow better than email codes so much preferred if 2FA is required.
2 Likes
Did you still encounter verification code requirement even if you turned of 2FA?
1 Like
2FA is and always was turned off. Makerworld started requiring emailed verification codes a couple of days before I created this thread. I changed nothing.
2 Likes
I just checked this logic. We added a verification mechanism last week for accounts that does not turn on 2-step verification.
If you use the same browser, the verification will happen only once (except that you use in-private mode browser).
When you use another browser, the verification will happend again. The verified status is stored as browserâs local data. Different browsers has their individual local data.
I donât keep cookies which means verification is required every time. I would have more sympathy for your security measures if keeping logged in status in browser cookies was not a ridiculously huge gaping security hole.
There is a reason banks and other financial sites require passwords and 2FA on every log in. There is a reason those sites log you out. There is a reason most will log you out automatically after a few minutes of inactivity.
1 Like
Email verification is a form of 2FA, so youâre essentially forcing 2FA for people who donât want to enable it.
3 Likes
They are different.
If 2FA is enabled, you will be required to input a verification code each time you login.
If not, verification code will NOT be required if you use the same device (browser + PC/phone/tablet), except that you use in-private mode browser.
so how do you turn this email code logon off in the setting ? I do not use 2FA ! and my browsers on my PCs all 5 of them are set not to keep cookies⌠so why do I need to use a email code just which to me is no different to 2AF to logon to a 3d printing siteâŚmaking wast my time âŚso how do we turn it off âŚ
1 Like
At the moment you canât. Support will tell you you should only have to get an email verification once (they assume you keep cookies).
Cookies bypass password and 2FA codes and are as or less secure than passwords depending how you store passwords.
So at the moment you put up with the pain of getting an email 2FA code or keep cookies and make your account less secure than it was before they forced emailed 2FA codes on you.
You could also turn on 2FA in settings and use an authenticator. I reluctantly tried that and found I couldnât automate code entry because the pop up for 2FA entry requires a mouse click - more dumbness.
1 Like
Yep. Same thing for me. Mega frustrating.
I hadnât opened Bambu Studio in over a month so Iâm guessing the system logged me out. When I went to log back in I received the message that I needed a verification coed which was sent to my email address. This is a total pain as my email is not on the same computer as Bambu Studio. So I had to go upstairs get my email to get the code, what a pain in the *** The only reason I use the Bambu cloud is because Bambu wonât make Bambu Handy work in the LAN mode.
Let us have the option to turn this off, as itâs a total pain
You can turn it off. If you go to the Bambu main page (Bambu Lab | Unleash Your Creativity with Bambu Lab 3D Printers - Bambu Lab) and then click your profile pic and then âProfile settingsââŚ
On the next screen youâll see â2-Step Verificationâ and you can turn if off.
That turns 2FA by your own authentication tool on or off. If it is off 2FA by email is forced.
I donât keep browser cookies so I get 2FA emails for every log in. I have had literally hundreds of them and each is a reminder of how grossly incompetent Bambu Labs is when it comes to security and privacy. They suggested that I shouldnât need to get emailed 2FA codes because cookies effectively keep me logged in for ever (looks like the cookies last a year). On a compromised machine or network cookies are as easy if not easier to steal than passwords and those cookies completely bypass user name, password, and 2FA security.
They force PIA email 2FA on me and tell me the PIA is my fault because I choose to mitigate the gaping security holes in their system. They are grossly incompetent and the recent fiasco trying to lock down printer access for âsecurityâ reasons is more of the same.
2 Likes