1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

**** Please enable 2FA on your OcUK forum account ****

Discussion in 'General Discussion' started by Feek, 14 Oct 2021.

  1. Werewolf

    Commissario

    Joined: 17 Oct 2002

    Posts: 30,146

    Location: Panting like a fiend

    Forum Content Discussion at the bottom of the "life" (this) section of the forums, under GD, Motors, Film etc.
     
  2. rIcK

    Wise Guy

    Joined: 5 Jan 2004

    Posts: 1,462

    I guess ultimately 2FA is worth it for stuff that matters ( emails, bank accounts). A forum where you can post stuff and that's about it feels a little overkill for forced 2FA?
     
  3. Mel_P

    Wise Guy

    Joined: 27 Feb 2004

    Posts: 2,331

    Location: Kent

    This works on my PC etc. but couldn't get it to work on my Android phone.

    I have webmail on my phone and if I open this, then go to the browser and open OCUK Forum it opens and says it has sent me a code. When I go back to the OCUK screen again it says it has sent me a code. The code I get is always 1 step behind the OCUK code input screen as I an only have one app open at a time!!

    How do I get around this please? Mel
     
  4. EVH

    Don

    Joined: 11 Mar 2004

    Posts: 28,802

    Location: Wales

    There's a lot of money changing hands in the member's market. There is no way to specify a granular level of control for those who don't want to use it (and by proxy give up their right to use the MM), so it's on for everyone.

    The argument that certain sites don't warrant 2FA is a sticky one... who defines which sites are overkill and which aren't? I personally have it enabled everywhere that I can, but I can see what you're saying.

    My personal feeling is that databases get leaked and passwords dumped all the time. I want to protect myself from any future leak, even if I know all my logins are unique. It only takes one re-used password somewhere and some nefarious person could be snooping on a site that does matter. For the sake of an extra 30s a month, that's a trade off I can reasonably make.
     
  5. Lighters

    Wise Guy

    Joined: 11 Jun 2006

    Posts: 1,537

    All sorted - thanks all!
     
  6. DXP55

    Soldato

    Joined: 5 Aug 2013

    Posts: 5,151

    Location: Shropshire

    I have two logins -one for shop and one for forum-- seems I have messed up the shop one.

    As usual with this sort of problem I am on the point of throwing whole lot out of the window -So will come back another day.
    Thanks all - at least forum 2FA has worked on email.
     
  7. Petrolhead

    Wise Guy

    Joined: 7 Jul 2008

    Posts: 1,239

    Location: Newcastle upon Tyne

    Just logged in, been a few weeks since the last time. 2FA!!! Jesus I thought I was logging into a bank account or paypal etc.

    Is this now manditory?
     
  8. touch

    Capodecina

    Joined: 28 Oct 2006

    Posts: 11,967

    Location: Sufferlandria

    If you're this easily confused into thinking other unrelated websites are your bank then it's probably best you have some additional security.
     
  9. SexyGreyFox

    Man of Honour

    Joined: 29 Mar 2003

    Posts: 53,204

    Location: Stoke on Trent

    Post of the day
     
  10. Petrolhead

    Wise Guy

    Joined: 7 Jul 2008

    Posts: 1,239

    Location: Newcastle upon Tyne

    Haha and your my bank manager :cry:

    But Is this now mandetory?
     
  11. visibleman

    Wise Guy

    Joined: 3 Jun 2005

    Posts: 1,901

    Location: The South

    [​IMG]

    All on page 1, first post - https://forums.overclockers.co.uk/posts/35166113
     
  12. jaybee

    Soldato

    Joined: 10 Jul 2008

    Posts: 5,721

    I think this thread highlights why so many people "get hacked" and face issues with accounts being compromised. Of all the kinds of forums out there, OCUK, a place you would expect largely technically literate folk to frequent, we have pages and pages of complaints about how much of an impact this is on them and how hard it is to setup and what not. I'm baffled. Even if I had to download the authenticator app from scratch from the playstore, I still think I could get in for the first time in under 1 minute. Then it's done. I just logged in from a different device and got a pop up and it took me all of 10 seconds to pick up my phone and type in a code which will last for 30 days so...
     
  13. Petrolhead

    Wise Guy

    Joined: 7 Jul 2008

    Posts: 1,239

    Location: Newcastle upon Tyne

    So, looking at this comment "We strongly encourage you to enable two factor authentication (2FA) on your OcUK forum account." I assume its not madatory then :)
     
  14. Surveyor

    Capodecina

    Joined: 5 Sep 2010

    Posts: 24,114

    Your assumption is incorrect.
     
  15. Petrolhead

    Wise Guy

    Joined: 7 Jul 2008

    Posts: 1,239

    Location: Newcastle upon Tyne

    :rolleyes:
     
  16. SexyGreyFox

    Man of Honour

    Joined: 29 Mar 2003

    Posts: 53,204

    Location: Stoke on Trent

    How does this work, I have to use it to login to the NHS every day?
    Where's the info so it works with OCUK?

    Ta
     
  17. Feek

    Commissario

    Joined: 16 Oct 2002

    Posts: 233,689

    Location: In the radio shack

    See that picture in the very first post of this thread?

    Go into the Two-Step Verification settings in your profile and select to use an app. Scan the QR code with your authenticator and that's it.
     
  18. DeliciousStorage

    Hitman

    Joined: 29 Oct 2019

    Posts: 610

    It would be a trivial task in XenForo to only allow access to MM if you have 2FA enabled. Problem is that if someone's account is stolen then the hacker can just enable 2FA themselves to gain access. I'd suggest giving people the option to permanently disable MM access on their accounts to remove the 2FA requirement.
     
  19. Armageus

    Don

    Joined: 19 May 2012

    Posts: 13,144

    Location: Spalding, Lincolnshire

    Clearly it isn't, hence why it hasn't been done, but obviously you know better than the admins and web developers as to how this forum is specifically set up
     
  20. dLockers

    Sgarrista

    Joined: 21 Jan 2010

    Posts: 8,275

    TRIVIAL

    :D:o