**** Please enable 2FA on your OcUK forum account ****

Soldato
Joined
18 Aug 2007
Posts
9,214
Location
Liverpool
Uncertainty and change! The same reason people panic buy bog roll and fuel :p

Give over... I'm Asperger's/Autistic, and if I can deal with it without batting an eye, nobody else has any excuse. :p

Yep, very annoying and honestly I don’t get why it’s required. I’m a big boy and I can decide what accounts I give enough of a crap about to use strong passwords and 2FA on. A computer forum is not something I care enough about to bother so forcing me is just annoying especially as I use it on 3 devices. At least set the timeout to forever or a long period of time.

You may or may not 'give a crap' about your account, but I'm sure OcUK and the Admins/Dons do - from both a liability PoV and a 'keeping our community safe from noobs with compromised accounts' PoV. You should have strong passwords/phrases and MFA enabled everywhere, not just on some sites. Otherwise, what's the point? You only need to be compromised on one or two weak places and it soon dominoes.
 
Soldato
Joined
30 Apr 2006
Posts
16,663
Location
London
I still have a bookmark on my address/bookmarks bar, and I still zip by whenever I feel like it. It's just that once a month, for two seconds, I have to press the button on my password manager in my browser and then go back to zipping by whenever I feel like it for another month. Hardly arduous. If it's troublesome for you, adjust your workflow. Get a password manager with a browser extension and stop having to worry about it. Two birds, one stone. Now you can have complex passwords/phrases everywhere, integrated 2FA, and it's either auto input for your or it's just a click away. Sorted.

I use OCUK on multiple devices, i just had to do this for the 4th time in 24hrs, it's getting more and more annoying as time goes by. You probably only use one device.
 
Soldato
Joined
18 Aug 2007
Posts
9,214
Location
Liverpool
I use OCUK on multiple devices, i just had to do this for the 4th time in 24hrs, it's getting more and more annoying as time goes by. You probably only use one device.

No mate, four. A quick click monthly and done, sorted.

Edit: Thinking on, it's multiple browsers per device as well (eg Firefox, Safari, Brave), so times that by three minimum.
 
Associate
Joined
12 Apr 2021
Posts
364
Location
It is cold here.
I think the issue is more at the frequency. If it was say every 3 months, I'm sure many would have no issue with that.
I donot think it would make any real differece.

People donot like change and they donot like being told what to do. this is a big change that they are forced into and i think that is the problem.

Its a sad reflection on the world when there are this many complaints about something that makes the internet more secure. I am not very active here and donot have access to the sales section of the forum but i am happier knowing that when i do, it will be a safer place.
 

fez

fez

Soldato
Joined
22 Aug 2008
Posts
19,242
Location
Tunbridge Wells
You may or may not 'give a crap' about your account, but I'm sure OcUK and the Admins/Dons do - from both a liability PoV and a 'keeping our community safe from noobs with compromised accounts' PoV.

This makes no sense. If I want to post crap I can create a dozen accounts and post crap from them. If you are a mod then sure, you should have 2FA as you have some vague powers. The average user has none and should have the choice on 2FA.

You should have strong passwords/phrases and MFA enabled everywhere, not just on some sites. Otherwise, what's the point? You only need to be compromised on one or two weak places and it soon dominoes.

What do you mean whats the point? I don't have concrete walls and beefy locks on my shed because the contents aren't worth it. If you have any comprehension of how security works on the web then you wouldn't be suggesting that being compromised in "one or two weak places" causes it to domino. My main "I don't really care about this account" password that I have used for years has been leaked dozens of times. I don't care. Unless they have access to my gmail, my phone and my authenticator app they ain't getting anything of value and any accounts I care about have 20+ character password, 2FA and sometimes more.

Christ, most sites with super vital information don't force you to use 2FA because they know that some people don't want it and are happy with their current security level. On your head be it.
 
Last edited:
Soldato
Joined
9 Mar 2003
Posts
10,602
While I agree with the rest of your post, forcing 2FA is not a big change and is something that should be expected on a tech focussed website. All this bickering is a bit out of order.

I have 2FA enabled everywhere I can because it only takes one mistake to send the dominos falling.

Even mainstream shopping sites are starting to embrace 2FA.
 
Soldato
Joined
23 Mar 2011
Posts
13,599
Location
West Side
I must have clicked the use this code for 30 day option (think is pre ticked) when logging in bit i didnt want to do this and would prefer to use a code when i log in everytime.

Is there anyway to to revert back to using 6 digit code every time i log in ?

@Feek
 
Last edited:

fez

fez

Soldato
Joined
22 Aug 2008
Posts
19,242
Location
Tunbridge Wells
I have 2FA enabled everywhere I can because it only takes one mistake to send the dominos falling.

Where is this dominoes falling coming from. All you accounts don't suddenly become compromised when a certain number do. There are probably 2 accounts out of hundreds I have that are genuinely vital to my security and the rest of them are completely isolated from anything else. Yes, if you are stupid enough not to have 2FA on your gmail and someone gets into that then you are in trouble. If that happens though it doesn't matter about your 2FA in many cases because they have the keys to the kingdom. They certainly wouldn't be worrying about your OcUK account.
 
Soldato
Joined
28 Oct 2006
Posts
12,145
Location
Sufferlandria
I must have clicked the use this code for 30 day option (think is pre ticked) when logging in bit i didnt want to do this and would prefer to use a code when i log in everytime.

Is there anyway to to revert back to using 6 digit code every time i log in ?

You will still be asked for the code every time you log in. The "remember me" checkbox stores your login state so it won't ask you to log in again for 30 days but after those 30 days you'll need to log in with a 2fa code. If you use another computer or browser it wont have the stored login state in it so you'll be asked to login with a 2fa code regardless of whether the 30 days saved login has expired on your main pc or not.
If somebody else has your password and tries to login without having access to your computer (which I guess is what you're getting at?) then they will be asked for a 2fa code.

If you still want to undo the "remember me" box you ticked, you can clear the cookies from your browser and it'll ask you to login again (same for all other sites you have saved logins for)
 
Soldato
Joined
8 Dec 2008
Posts
5,683
I need to change my e-mail address but the one I want to change it to is banned by admin?

I think it's from when I got locked out of my main account so made a new one with that address which has since been removed.
 
Soldato
Joined
9 Mar 2003
Posts
10,602
Where is this dominoes falling coming from. All you accounts don't suddenly become compromised when a certain number do. There are probably 2 accounts out of hundreds I have that are genuinely vital to my security and the rest of them are completely isolated from anything else. Yes, if you are stupid enough not to have 2FA on your gmail and someone gets into that then you are in trouble. If that happens though it doesn't matter about your 2FA in many cases because they have the keys to the kingdom. They certainly wouldn't be worrying about your OcUK account.

For the exact reason the mods have set out, I didn’t specifically refer to my dominos. It’s not all about me and my security, as a member of this community I also have a duty to others.

My compromised forum account could be used to scam others which isn’t acceptable in my view. The MM is all about reputation, as soon as a few scammers are successful, it’s done.

I guess I just have a different outlook on life and community :).
 
Top Bottom