• Hi Guest. Welcome to the new forums. All of your posts and personal messages have been migrated. Attachments (i.e. images) and The (Old) Classifieds have been wiped.

    The old forums will be available for a couple of weeks should you wish to grab old images or classifieds listings content. Go Here

    If you have any issues please post about them in the Forum Feedback thread: Go Here

2 Factor authentication

Cipher-032

Cipher-032

Members
Joined
Feb 26, 2011
Messages
285
Reaction score
76
Just in the process of speaking to the Forum admins.

Ive had a recent breach of security on my account. And a very dodgy advert was posted under my account.

Of which the admins have done their job. But the actual guilty party here now has had been told off for something Ive not done. (Dont take this the wrong way, as stated speaking to Jedi_Master on this)

A lot of places do 2 factor authentication. Im not sure if a system can be put in place for here? Its saved my accounts many times before for gaming etc.



 

View attachment 97048

 
Forcing everyone to change their password to something new, once, would be less intrusive, and have much the same effect.

I'm not going to swipe right on my phone to log in here.

 
Not sure you can really draw a link between the implementation of multi-factor authentication and a mass password reset. The blog post I found on Invision about implementing this suggests that it's optional (or can be set as such). Is there any reason you wouldn't want people to have the option to enhance their security?

 
Ah, fair enough, if it's optional - I'm a bit sulky because my work laptop's "single sign in" has turned into "mandatory long email address, 15 character passwords, and 2FA multiple times a day".

I would still note that anyone minded to swipe right could just change their password to something unique and randomly generated.  Sure, data breaches, but in the event of a mass breach we're all pretty much hosed.

 
Seems reasonable, having it inflicted on you at work is one thing, having to put up with it in your own time is another.

That said, the statement from the OP about "It's saved my accounts many times" isn't a great sign...

I could bore on about this at length (but thankfully won't) about why it's great and you should turn it on for everything you can (Amazon, Insta, etc.) Suffice to say, password managers and a hardware based MFA method like Yubikey are the way to go, if your system supports it.

 
2FA via Google Authenticator is now enabled. You may set this up here: https://airsoft-forums.uk/settings/account-security/

This will remain an optional - encouraged - choice, but it's there nontheless for those who want it. It's only currently configured to prompt when changing certain account settings or when logging in from a new device. New users will be informed of this feature when signing in for the first time.

 
Seems to work okay for me, thanks. (Albeit I am using a different authenticator app, but the principle is the same).

 
proffrink said:
2FA via Google Authenticator is now enabled. You may set this up here: https://airsoft-forums.uk/settings/account-security/

This will remain an optional - encouraged - choice, but it's there nontheless for those who want it. It's only currently configured to prompt when changing certain account settings or when logging in from a new device. New users will be informed of this feature when signing in for the first time.
Click to expand...
Blimey thank you. This will save a lot of agro and certainly help stop people hijacking accounts

 
You must log in or register to reply here.

Similar threads

Grave Squirmer
Unable to list new classifieds advert
Replies
6
Views
446
novioman
N
L
Message About authentification? Feels scammy
Replies
6
Views
350
EvilMonkee
EvilMonkee
H
Pinned admin list request
Replies
4
Views
944
EDcase
EDcase
DanBow
New hop not hopping
Replies
8
Views
920
DanBow
DanBow
F
New Member popping in to say hi!
Replies
4
Views
198
EDcase
EDcase
Back
Top