1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

**** Please enable 2FA on your OcUK forum account ****

Discussion in 'General Discussion' started by Feek, 14 Oct 2021.

  1. Rainmaker

    Sgarrista

    Joined: 18 Aug 2007

    Posts: 9,070

    Location: Liverpool

    Actually, if anyone wants a free premium Bitwarden account including OTP/2FA (hosted by me and encrypted with your own key) give me a shout and I'll hook you up. OcUK members only, and at your own risk*.



    * The server is backed up twice, onsite and offsite every 24h - and is protected by both Cloudflare and an OpenBSD firewall. Had zero issues in years, but... well, disclaimer disclaimer to be safe and all that.
     
  2. Feek

    Commissario

    Joined: 16 Oct 2002

    Posts: 234,171

    Location: In the radio shack

    That's not even under consideration at the moment, no.
     
  3. Cooper

    Mobster

    Joined: 16 Jun 2004

    Posts: 2,937

    Feels I'm drowning under password resets and 2FA these days....It's all so so tiresome.
     
  4. MouthBoy

    Mobster

    Joined: 6 Apr 2010

    Posts: 2,754

    Location: Midlands

    Enabled. Thanks.
     
  5. MCFC_ANDY

    Wise Guy

    Joined: 9 Aug 2013

    Posts: 1,161

    done and dusted:cool:
     
  6. dLockers

    Sgarrista

    Joined: 21 Jan 2010

    Posts: 8,933

    u ok hun? txt me if u wanna chat x
     
  7. Blackjack Davy

    Soldato

    Joined: 16 Aug 2009

    Posts: 5,993

    Sigh.

    That runs on a regular PC, right?

    Sounds about right. By the way could you put that last part in english please?
     
  8. andy_mk3

    Capodecina

    Joined: 5 Oct 2009

    Posts: 11,658

    Location: Spalding, Lincs

    Done.

    Recently I have been getting into the habit of using random generated passwords for each site and using Bitwarden to autofill.
     
  9. im4gine3

    Hitman

    Joined: 7 Oct 2015

    Posts: 774

    done.
     
  10. Bouton Aide

    Suspended

    Joined: 9 Aug 2008

    Posts: 29,796

    It's been enabled since day 1 of the forum getting that feature. Everywhere I can enable it, it's enabled.

    I use Authy because there is a windows app. If I ever loose my phone I have a second way to get onto my accounts. I don't want to be left in a situation that I'm locked out of all my accounts until I purchase a new smart phone.

    I also use VaultWarden (Which is a fork of BitWarden) with 20 char random passwords, self hosted.
     
  11. Ahleckz

    Capodecina

    Joined: 7 Nov 2009

    Posts: 18,734

    Location: Glasgow

    I don’t use a password manager, and my password usage probably isn’t going to win any security awards.

    Should I take you up on your offer? I don’t know what most of it means. But you said premium, and free. Are you going to empty my bank account, both RBS and RuneScape?

    Educate me please! (Genuinely, I’m very ignorant with this sort of stuff!)
     
  12. dLockers

    Sgarrista

    Joined: 21 Jan 2010

    Posts: 8,933

    This is a lovely offer but nobody do this, lol
     
  13. FloppyPoppy

    Sgarrista

    Joined: 27 Jan 2012

    Posts: 7,635

    Location: The king of the north!

    Feeking hell i don't want to be compromised.
     
  14. Bouton Aide

    Suspended

    Joined: 9 Aug 2008

    Posts: 29,796

    I have to agree with this. While it's a nice offer you are not a business and hosting other peoples passwords if something happens you could end up in hot water. Please don't do this.

    If people want to put their data in the hands of others this is something you need to be looking at. The personal plan is free.

    Bitwarden Open Source Password Manager | Bitwarden
     
  15. Werewolf

    Commissario

    Joined: 17 Oct 2002

    Posts: 30,364

    Location: Panting like a fiend

    2FA via an app on your phone only takes ~30 seconds once a month which is worth it.

    I would suggest anyone who sets up two factor authentication via and app makes a note of the "backup" codes that the forum will generate and you keep them safe, as that way if the app isn't working/you lose your phone you've got IIRC 10 codes to last you until you get it paired with a new authenticator.
     
  16. LiE

    Capodecina

    Joined: 2 Aug 2005

    Posts: 22,941

    Location: Milton Keynes

    Microsoft Authenticator can be installed on a tablet as well. I have it installed on my iPad and my back up iPhone 6s.
     
  17. Rainmaker

    Sgarrista

    Joined: 18 Aug 2007

    Posts: 9,070

    Location: Liverpool

    Why? It's Bitwarden - everything is encrypted at rest, in transit and at all times. Only the account holder has the key. The (encrypted) database is backed up twice (on and off prem) daily, and stored further encrypted (AES256) in an rclone vault which is only accessible by my private key. I have a better setup than most orgs lol.

    I suggested Bitwarden in my post, but OTP isn't free, it's £10 a year. What hot water are you referring to? There's certainly no legislation applicable to private individuals. Best bet is to RTFM and set up your own, or pay Bitwarden the £10/year. Failing that the offer's open. It's a trivial matter to back up your own Bitwarden to a file once a month and store it safely in case I drop dead.
     
  18. dLockers

    Sgarrista

    Joined: 21 Jan 2010

    Posts: 8,933

    Because when you get hit by a bus/win the lottery; it's all gone?
     
  19. Cyber-Mav

    Capodecina

    Joined: 30 Jul 2005

    Posts: 16,672

    Location: Midlands

    Enable 4 factor authentication and they will send code to you in post by royal mail?
     
  20. Bouton Aide

    Suspended

    Joined: 9 Aug 2008

    Posts: 29,796

    You are one person. Not a business. You die who will take over the admin? As I said nice offer but if someone is going to do this at least put it in hands of a company with multiple people.