**** Please enable 2FA on your OcUK forum account ****

Commissario
OP
Joined
16 Oct 2002
Posts
2,647
Location
In the radio shack
I suppose MM is creating an exception though.
Where peoples money is involved, we take matters seriously. There have been a handful of 'compromised' accounts recently (not just those referred to in this thread) where people have reused passwords and there have been fake threads created in the MM. Fortunately, each instance has been quite obvious and nobody has been caught out.

The last thing we want is for anyone to have any second thoughts about buying in the MM, it needs to be as safe as possible.

Would avoid inconveniencing users unnecessarily.
2FA is hardly an inconvenience. It takes a few seconds to set up and requires entering a code once a month.
 
Soldato
Joined
26 May 2009
Posts
22,100
Unfortunately it doesn't look like we can do it that way :(
We looked into it.
Ahh that sucks, well at least you tried. Better than most sites.


Not sure how 2FA can be called a plague. It's a little less convenient, sure. But the security advantage is large.
It's a bandwagon plague sweeping the internet and inconveniencing millions of people for little value. It's essentially a system to stop stupid people from getting hacked after they give away the password/email they use for every site when they fall for a Facebook scam and share their DOB, fav colour, mothers name, etc.

The really annoying thing is that the people who don't need this are the ones who get impacted the most as the more tech savvy are the ones more likely to login from different machines/locations.

The security advantages for anyone not stupid are basically zero as they don't share the answers to secret questions on Facebook or use the same login for every sit eon the internet. Hell online security is less important now than it used to be as password complexity isn't as important as it used to be these days because brute forcing protection is a standard thing on any site.

The funny thing is, banks and payment services are adding "2FA" login as a requirement now (usually via SMS /vomit) when most of them have already had MFA for years anyway (I.E Natwest has required both online banking password and card pin for online banking since the 90's).
 
Man of Honour
Joined
5 Dec 2003
Posts
20,997
Location
Just to the left of my PC
[..] 2FA is hardly an inconvenience. It takes a few seconds to set up and requires entering a code once a month.

It's a bit more than that in some circumstances.

I don't have a handheld networked computer, so no apps for me. OK, email it is. More inconvenient as I have to open and log into my email bridge for better privacy/security then open and log into my email client. No 2FA code email from OcUK. Hmm...give it a few minutes. Nope. Then I remembered that OcUK forums don't allow users to have alerts within the forum only so I had to set up a rule to send all email from the OcUK forums to the bin because I was being spammed with dozens of email alerts every day.

Maybe I'll buy a Yubikey. They look convenient and useful.
 
Soldato
Joined
5 Aug 2013
Posts
6,597
Location
Shropshire
I have had to enable email as I am too stupid to work out how to put the app on - I kid you not I hadn't got a clue when it was asking for all sorts of things. The joys of being old and not that tech savy and only using mobiles as a phone. :confused:
 
Soldato
Joined
17 Mar 2009
Posts
6,589
Location
Nottingham
Fortuntely i had to install Authy on my phone for work last week so getting through the 2FA was pretty smooth although its still a bit fo a ballache to have 2FA on everything now days.

It's worth it though to keep my access to the MM. Does everyone need 2FA or it just those with MM access?
 
Commissario
Joined
23 Nov 2004
Posts
41,851
Location
Herts
Fortuntely i had to install Authy on my phone for work last week so getting through the 2FA was pretty smooth although its still a bit fo a ballache to have 2FA on everything now days.

It's worth it though to keep my access to the MM. Does everyone need 2FA or it just those with MM access?
It will force it for anyone with MM access.
 
Man of Honour
Joined
14 Apr 2017
Posts
3,511
Location
London
This will be my last message, please delete my account as I can't be arsed with 2FA of a pointless computer forum

I feel your pain, I couldn’t scan the QR code no matter what I did and I’m reasonably computer savvy.
Neither could my wife, the brains of the outfit, and she’s endowed with bucket loads of common sense.
I wrote the two lots of three number codes in and it allowed me to log on, but I can imagine deleting them by accident and being unable to log on, even though I’ve entered the back up codes in NOTES.
So if you no longer get anything from me, it isn’t because I don’t like you, I’ll be outside with my nose pressed against the windows, wondering what I did wrong, or didn’t do right.
Still, I’ll be no loss, as an American ex often said, “This is Jean-François, he marches to the beat of a different drum!”
 
Associate
Joined
29 Oct 2019
Posts
1,002
2FA is hardly an inconvenience. It takes a few seconds to set up and requires entering a code once a month.
Not necessarily for everyone, it would be a major inconvenience since my cookies are cleared every time I close my browser. The security improvement for me would be negligible since I use a strong randomly generated password with a password manager (KeePass), but I can see why it would be a requirement for people that have access to MM. I wouldn't be able to set it up anyway since OCUK won't allow me to update my email address (ProtonMail).
 
Back
Top Bottom