You might wanna log out and readd your accounts, most instances changed the login cookie secret after the attack yesterday, so now the old cookies don’t work any more.
It’s like a secret code. You can define a new one whenever you want (the admins I mean), but that will invalidate any active session (users logged in), so you have to clear cache and log back in.
Ask the admins if they’re changing the secret every single day (that would be overkill IMO, but they might think this is a must till things get patched, IDK if lemmy.world is on 0.18.2, which implements the patch, or they still haven’t updated).
I feel like with these kind of things it’s worth saying things that might seem obvious to you or me. I know there’s still a lot of confusion around lemmy and we’re still getting new users.
Yeah, that’s why I usually try and explain things, not just offer solutions. I believe it’s important for the users to understand how things work under the hood. Not in detail, but the general gist of it, yes.
You might wanna log out and readd your accounts, most instances changed the login cookie secret after the attack yesterday, so now the old cookies don’t work any more.
That was happening to me too. Removing and adding my accounts again fixed it, but it is good to know the why as well as the how. Thank you!
It’s like a secret code. You can define a new one whenever you want (the admins I mean), but that will invalidate any active session (users logged in), so you have to clear cache and log back in.
This seems to fix it only temporarily, I feel like I’ve logged out and re-logged in my lemmy.world account every day since Monday.
Ask the admins if they’re changing the secret every single day (that would be overkill IMO, but they might think this is a must till things get patched, IDK if lemmy.world is on 0.18.2, which implements the patch, or they still haven’t updated).
You’re right! I missed it but they updated to 0.18.2 yesterday (announcement post).
Then things should get back to normal in a day or so 👍.
This affects other apps too btw
Yeah, of course, they all use the auth cookie for logging in.
I feel like with these kind of things it’s worth saying things that might seem obvious to you or me. I know there’s still a lot of confusion around lemmy and we’re still getting new users.
Yeah, that’s why I usually try and explain things, not just offer solutions. I believe it’s important for the users to understand how things work under the hood. Not in detail, but the general gist of it, yes.