**** Please enable 2FA on your OcUK forum account ****

Commissario
Joined
16 Oct 2002
Posts
335,537
Location
In the radio shack
We've had a handful of instances over the last few days where forum members have had their accounts compromised.

I must stress that there has been no data breach at OcUK but if someone gets into your email, it's then relatively straightforward for them to access your OcUK account.

It should also go without saying that the password you use for OcUK should be unique. You should not reuse the same password for anything on the internet, it's an invitation for disaster.

We strongly encourage you to enable two factor authentication (2FA) on your OcUK forum account.

2FA is now compulsory for everyone who has been a member for six months and who has 1,000 posts. If you're not forced to enable it, we strongly encourage you to enable it anyway.

Click on your username in the top right, then select Two-Step Verification.

You'll be prompted to enter your password.

Then click to Enable Verification Code via App.

XXUrhPa.png


Thanks.
 
Soldato
Joined
29 Jul 2010
Posts
20,910
Location
Lincs
Done.

I recently started using the MS authenticator and there doesn't seem that much I can enable it on! I've got a plusnet email address and I don't think I can enable 2fa on that, unless anyone knows different?
 

mrk

mrk

Man of Honour
Joined
18 Oct 2002
Posts
90,815
Location
South Coast
What other services do you use? Your ISP email/account system probably doesn't have app based 2FA but they should have login verification surely?

In my MS app I have 20 accounts in there with app based 2FA support, this ranges from Zoom to STEAM/Origin etc.
 
Soldato
Joined
18 Oct 2002
Posts
2,912
Location
London
I've had it enabled for a while. Is there a way to stop it logging you out every 30 days to ask for a new code?
 
Caporegime
Joined
26 Dec 2003
Posts
25,675
Why the push for 2FA if there has been no security breach? securing an email address is basic internet that most people have managed for 20+ years.

What with the COVID passports will people be able to do anything in the future without a mobile phone? hey guys link everything to your mobile phone so we can monitor all of your text messages and see all of your accounts and whenever you login. Bye bye privacy.

Chinese social credit system here we come.
 

Ree

Ree

Associate
Joined
22 Aug 2016
Posts
2,465
That's a relief about no breach as that would've made the MM a minefield and I would've hated to see someone get scammed.
 
Soldato
Joined
18 Oct 2002
Posts
15,869
Location
Manchester
Why the push for 2FA if there has been no security breach? securing an email address is basic internet that most people have managed for 20+ years.

What with the COVID passports will people be able to do anything in the future without a mobile phone? hey guys link everything to your mobile phone so we can monitor all of your text messages and see all of your accounts and whenever you login. Bye bye privacy.

On here? A few people got phished I believe and the phished accounts immediately posted on members market trying to scam people.
 
Soldato
Joined
29 Jul 2010
Posts
20,910
Location
Lincs
What other services do you use? Your ISP email/account system probably doesn't have app based 2FA but they should have login verification surely?

In my MS app I have 20 accounts in there with app based 2FA support, this ranges from Zoom to STEAM/Origin etc.

I've only managed to enable it on 4 (inc OCUK now) and thats MS, Amazon and Paypal - and I don't even really use Amazon and Paypal :p I'll go check Steam now.

I'll check if plusnet has any login verification, but I think it's just email/password!

Edit : Nope can't find any extra protection on Plusnet :-/
 
Last edited:
Commissario
Joined
16 Oct 2002
Posts
335,537
Location
In the radio shack
Why the push for 2FA if there has been no security breach? securing an email address is basic internet that most people have managed for 20+ years.
Because we want to protect our members and the first thing that happened after these accounts were compromised was that they posted in MM trying to scam people.
 
Soldato
Joined
29 Jul 2010
Posts
20,910
Location
Lincs
Just spoke to Plusnet and nope they have no extra security on their email account! The woman said "That's why you need a really secure password" but when I pointed out no-one really brute forces a password, they are gained by phising/logging etc so it doesn't matter how complicated it is, she just agreed and the conversation tailed off into silence....
 
Soldato
Joined
21 Jan 2010
Posts
11,126
Just spoke to Plusnet and nope they have no extra security on their email account! The woman said "That's why you need a really secure password" but when I pointed out no-one really brute forces a password, they are gained by phising/logging etc so it doesn't matter how complicated it is, she just agreed and the conversation tailed off into silence....
What were you expecting the dear in the call centre to do about your whinge? :confused: Did you feel good 'out knowledging' a call center assistant?

Vote with your wallet or GTFO.

Edit: also, who uses their ISP email in 2021?
 
Top