![](/static/253f0d9b/assets/icons/icon-96x96.png)
![](https://lemmy.world/pictrs/image/eb9cfeb5-4eb5-4b1b-a75c-8d9e04c3f856.png)
The TOTP feature in Bitwarden works, if you paste in the whole otpauth://
URI to Bitwarden’s Authenticator Key (TOTP) field. The URL specifies that the hashing algorithm should be SHA256. If you just import the secret=
value into Authy, it probably defaults to using the SHA-1 algorithm, which may be why the codes generated by Authy don’t work.
SHA256 is more secure than SHA-1, which I guess is why Lemmy has chosen to use it for its 2FA feature.
Then change the title of the post to something open-ended like “How vulnerable is Lemmy to DDOS attacks?”. Taking out a major node which hosts many key communities is going to have an adverse impact.