**** Please enable 2FA on your OcUK forum account ****

Commissario
Joined
16 Oct 2002
Posts
342,993
Location
In the radio shack
We've had a handful of instances over the last few days where forum members have had their accounts compromised.

I must stress that there has been no data breach at OcUK but if someone gets into your email, it's then relatively straightforward for them to access your OcUK account.

It should also go without saying that the password you use for OcUK should be unique. You should not reuse the same password for anything on the internet, it's an invitation for disaster.

We strongly encourage you to enable two factor authentication (2FA) on your OcUK forum account.

2FA is now compulsory for everyone who has been a member for six months and who has 1,000 posts. If you're not forced to enable it, we strongly encourage you to enable it anyway.

Click on your username in the top right, then select Two-Step Verification.

You'll be prompted to enter your password.

Then click to Enable Verification Code via App.

XXUrhPa.png

Thanks.
 
Done.

I recently started using the MS authenticator and there doesn't seem that much I can enable it on! I've got a plusnet email address and I don't think I can enable 2fa on that, unless anyone knows different?
 
What other services do you use? Your ISP email/account system probably doesn't have app based 2FA but they should have login verification surely?

In my MS app I have 20 accounts in there with app based 2FA support, this ranges from Zoom to STEAM/Origin etc.
 
Why the push for 2FA if there has been no security breach? securing an email address is basic internet that most people have managed for 20+ years.

What with the COVID passports will people be able to do anything in the future without a mobile phone? hey guys link everything to your mobile phone so we can monitor all of your text messages and see all of your accounts and whenever you login. Bye bye privacy.

Chinese social credit system here we come.
 
That's a relief about no breach as that would've made the MM a minefield and I would've hated to see someone get scammed.
 
Why the push for 2FA if there has been no security breach? securing an email address is basic internet that most people have managed for 20+ years.

What with the COVID passports will people be able to do anything in the future without a mobile phone? hey guys link everything to your mobile phone so we can monitor all of your text messages and see all of your accounts and whenever you login. Bye bye privacy.

On here? A few people got phished I believe and the phished accounts immediately posted on members market trying to scam people.
 
What other services do you use? Your ISP email/account system probably doesn't have app based 2FA but they should have login verification surely?

In my MS app I have 20 accounts in there with app based 2FA support, this ranges from Zoom to STEAM/Origin etc.

I've only managed to enable it on 4 (inc OCUK now) and thats MS, Amazon and Paypal - and I don't even really use Amazon and Paypal :p I'll go check Steam now.

I'll check if plusnet has any login verification, but I think it's just email/password!

Edit : Nope can't find any extra protection on Plusnet :-/
 
Last edited:
Why the push for 2FA if there has been no security breach? securing an email address is basic internet that most people have managed for 20+ years.
Because we want to protect our members and the first thing that happened after these accounts were compromised was that they posted in MM trying to scam people.
 
Just spoke to Plusnet and nope they have no extra security on their email account! The woman said "That's why you need a really secure password" but when I pointed out no-one really brute forces a password, they are gained by phising/logging etc so it doesn't matter how complicated it is, she just agreed and the conversation tailed off into silence....
 
Just spoke to Plusnet and nope they have no extra security on their email account! The woman said "That's why you need a really secure password" but when I pointed out no-one really brute forces a password, they are gained by phising/logging etc so it doesn't matter how complicated it is, she just agreed and the conversation tailed off into silence....
What were you expecting the dear in the call centre to do about your whinge? :confused: Did you feel good 'out knowledging' a call center assistant?

Vote with your wallet or GTFO.

Edit: also, who uses their ISP email in 2021?
 
Back
Top Bottom