Don't require API key for logging into CLI when 2FA is enabled

I don’t know what y’all were thinking when you changed the CLI so that when I log in now I have to enter not only my username, master password, and 2FA code, but also my API key, but this is a stupid change and you should revert it. Requiring the API key to be entered adds no meaningful additional security over and above the username, master password, and 2FA code; it’s just an unnecessary annoyance. Please reconsider this.

Hi @jik - thanks for the feedback.

As part of new captcha security procedures to protect our users, CLI authentication is inadvertently (and temporarily) caught in this process.

A fix is slated for the end of Oct remediates this and bypasses captcha for devices previously associated with your account.

As an interim step, you could look into API key-based authentication through env variables or files and unlocking your vault as a second step with your master password.

@jik - thanks again for the clear feedback - we’ve pushed a hotfix that allows known devices to authenticate without the API key. You should be back in business now. Please let us know!

Great news - I just tried it and everything seems to work normally for me! :+1:

1 Like