1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

**** Please enable 2FA on your OcUK forum account ****

Discussion in 'General Discussion' started by Feek, 14 Oct 2021.

  1. robgmun

    Capodecina

    Joined: 30 Apr 2006

    Posts: 16,613

    Location: London

    I use OCUK on multiple devices, i just had to do this for the 4th time in 24hrs, it's getting more and more annoying as time goes by. You probably only use one device.
     
  2. SexyGreyFox

    Man of Honour

    Joined: 29 Mar 2003

    Posts: 53,192

    Location: Stoke on Trent

    3 times in 3 days on my browser, takes 5 seconds but annoying
     
  3. Yaayuh!

    Capodecina

    Joined: 5 Nov 2010

    Posts: 21,848

    Have you tried another browser with default settings? Try Edge, for example, and see if you get the same.
     
  4. Rainmaker

    Sgarrista

    Joined: 18 Aug 2007

    Posts: 9,041

    Location: Liverpool

    No mate, four. A quick click monthly and done, sorted.

    Edit: Thinking on, it's multiple browsers per device as well (eg Firefox, Safari, Brave), so times that by three minimum.
     
  5. Einskis Nokkur

    Gangster

    Joined: 12 Apr 2021

    Posts: 266

    Location: It is cold here.

    I donot think it would make any real differece.

    People donot like change and they donot like being told what to do. this is a big change that they are forced into and i think that is the problem.

    Its a sad reflection on the world when there are this many complaints about something that makes the internet more secure. I am not very active here and donot have access to the sales section of the forum but i am happier knowing that when i do, it will be a safer place.
     
  6. fez

    Capodecina

    Joined: 22 Aug 2008

    Posts: 17,614

    Location: Tunbridge Wells

    This makes no sense. If I want to post crap I can create a dozen accounts and post crap from them. If you are a mod then sure, you should have 2FA as you have some vague powers. The average user has none and should have the choice on 2FA.

    What do you mean whats the point? I don't have concrete walls and beefy locks on my shed because the contents aren't worth it. If you have any comprehension of how security works on the web then you wouldn't be suggesting that being compromised in "one or two weak places" causes it to domino. My main "I don't really care about this account" password that I have used for years has been leaked dozens of times. I don't care. Unless they have access to my gmail, my phone and my authenticator app they ain't getting anything of value and any accounts I care about have 20+ character password, 2FA and sometimes more.

    Christ, most sites with super vital information don't force you to use 2FA because they know that some people don't want it and are happy with their current security level. On your head be it.
     
    Last edited: 20 Oct 2021
  7. b0rn2sk8

    Sgarrista

    Joined: 9 Mar 2003

    Posts: 9,203

    While I agree with the rest of your post, forcing 2FA is not a big change and is something that should be expected on a tech focussed website. All this bickering is a bit out of order.

    I have 2FA enabled everywhere I can because it only takes one mistake to send the dominos falling.

    Even mainstream shopping sites are starting to embrace 2FA.
     
  8. mickyflinn

    Capodecina

    Joined: 23 Mar 2011

    Posts: 12,559

    Location: West Side

    I must have clicked the use this code for 30 day option (think is pre ticked) when logging in bit i didnt want to do this and would prefer to use a code when i log in everytime.

    Is there anyway to to revert back to using 6 digit code every time i log in ?

    @Feek
     
    Last edited: 20 Oct 2021
  9. dLockers

    Sgarrista

    Joined: 21 Jan 2010

    Posts: 8,242

    Friends don't recommend friends Edge
     
  10. Yaayuh!

    Capodecina

    Joined: 5 Nov 2010

    Posts: 21,848

    It's not bad now. But also, none of you guys are my friends ;)
     
  11. dLockers

    Sgarrista

    Joined: 21 Jan 2010

    Posts: 8,242

    :(:eek:
     
  12. fez

    Capodecina

    Joined: 22 Aug 2008

    Posts: 17,614

    Location: Tunbridge Wells

    Where is this dominoes falling coming from. All you accounts don't suddenly become compromised when a certain number do. There are probably 2 accounts out of hundreds I have that are genuinely vital to my security and the rest of them are completely isolated from anything else. Yes, if you are stupid enough not to have 2FA on your gmail and someone gets into that then you are in trouble. If that happens though it doesn't matter about your 2FA in many cases because they have the keys to the kingdom. They certainly wouldn't be worrying about your OcUK account.
     
  13. touch

    Capodecina

    Joined: 28 Oct 2006

    Posts: 11,967

    Location: Sufferlandria

    You will still be asked for the code every time you log in. The "remember me" checkbox stores your login state so it won't ask you to log in again for 30 days but after those 30 days you'll need to log in with a 2fa code. If you use another computer or browser it wont have the stored login state in it so you'll be asked to login with a 2fa code regardless of whether the 30 days saved login has expired on your main pc or not.
    If somebody else has your password and tries to login without having access to your computer (which I guess is what you're getting at?) then they will be asked for a 2fa code.

    If you still want to undo the "remember me" box you ticked, you can clear the cookies from your browser and it'll ask you to login again (same for all other sites you have saved logins for)
     
  14. Feek

    Commissario

    Joined: 16 Oct 2002

    Posts: 233,635

    Location: In the radio shack

    Deleting your cookies should do it. Then when you log back in, don't tick the box to trust the device for 30 days.

    I think being forced to do it every time is a little extreme though.
     
  15. McGray

    Soldato

    Joined: 8 Dec 2008

    Posts: 5,531

    I need to change my e-mail address but the one I want to change it to is banned by admin?

    I think it's from when I got locked out of my main account so made a new one with that address which has since been removed.
     
  16. b0rn2sk8

    Sgarrista

    Joined: 9 Mar 2003

    Posts: 9,203

    For the exact reason the mods have set out, I didn’t specifically refer to my dominos. It’s not all about me and my security, as a member of this community I also have a duty to others.

    My compromised forum account could be used to scam others which isn’t acceptable in my view. The MM is all about reputation, as soon as a few scammers are successful, it’s done.

    I guess I just have a different outlook on life and community :).
     
  17. Armageus

    Don

    Joined: 19 May 2012

    Posts: 13,139

    Location: Spalding, Lincolnshire

    Why do you need to login to the forums in 3 different browsers on each device? That is not normal usage by any stretch of the imagination
     
  18. Armageus

    Don

    Joined: 19 May 2012

    Posts: 13,139

    Location: Spalding, Lincolnshire

    Post in FCD and I'm sure an admin can sort something
     
  19. Feek

    Commissario

    Joined: 16 Oct 2002

    Posts: 233,635

    Location: In the radio shack

    Start a thread in FCD please.
     
  20. mickyflinn

    Capodecina

    Joined: 23 Mar 2011

    Posts: 12,559

    Location: West Side

    @touch @Feek tx for your replys.


    Feek as for logging in the 30 days is pre ticked maybe you should have to choose it rather than pre ticked as with stay logged in.