I recently opened an account with AlphaBay and enabled 2FA. I've been away from the DNMs for a considerable period, but have continued taking every precaution to avoid phishing attempts and the sort. Even more so now that the scene seems a little more risky than times past.
Yesterday I transferred BTC to this account for the first time, placed three physical orders, and later one digital order. No sign of issue, every safety precaution taken as it relates to phishing/scams.
This morning, I attempted to complete 2FA from the main URL (pwoah, etc etc) and was advised that I had not used the correct security code and to ensure I decrypted using the correct key.
At first I panicked, thinking perhaps I had been phished some how. I had accessed ThePirateBay earlier and was required to enter a CAPTCHA and code, confirming my humanity, to gain access to the site. I thought this might be the issue, and I had been infected with some bug or virus.
As a last ditch effort I used one of the alternate URLs to access AlphaBay. Prompted with the same PGP-encrypted security code, I decrypted using the same key as before, entered the security code, and was given access to the site.
I returned to the site (main URL) an hour or so later, presuming the issue wouldn't occur again. It did. I used the same alternate I had used before, and accessed the site/my account without a problem. I did notice that the PGP-encrypted security code seemed to be the same I received earlier as well, though I'm not sure if that's standard.
Anybody experienced this or something similar? Although I'm new to 2FA, I'm not new to the DNMs, PGP, or any of the rest. Is this something that should concern me? Should I change my password/information/PGP?
Not suggesting foul-play or anything, I'm just curious and would appreciate some input.