From 65497c1a3f553b6fcb3e6e8a5899bdf0ba7bf377 Mon Sep 17 00:00:00 2001
From: William LP <10053686+William-LP@users.noreply.github.com>
Date: Tue, 19 Aug 2025 10:45:28 +0200
Subject: [PATCH] Update 2FA bypass.md

---
 2FA Bypass/2FA bypass.md | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/2FA Bypass/2FA bypass.md b/2FA Bypass/2FA bypass.md
index 7d6cad9..651ed19 100644
--- a/2FA Bypass/2FA bypass.md	
+++ b/2FA Bypass/2FA bypass.md	
@@ -69,13 +69,8 @@ verification-code=123456
 
 [ ] CSRF on 2FA Disable Feature
 ```
-1. Request a 2FA code and use it
-2. Now, Re-use the 2FA code and if it is used successfully that's an issue.
-3. Also, try requesting multiple 2FA codes and see if previously requested Codes  
-expire or not when a new code is requested
-4. Also, try to re-use the previously used code after long time duration say 1 day or  
-more. That will be an potential issue as 1 day is enough duration to crack and guess  
-a 6-digit 2FA code
+1. Search if there's an URL to opt out from 2FA like /users/me/2FA?activate=false
+2. Make the victim click the link so they are not protected by 2FA anymore
 ```