1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

**** Please enable 2FA on your OcUK forum account ****

Discussion in 'General Discussion' started by Feek, 14 Oct 2021.

  1. plasmahal

    Mobster

    Joined: 5 Feb 2006

    Posts: 4,549

    Done... :D
     
  2. Feek

    Commissario

    Joined: 16 Oct 2002

    Posts: 233,726

    Location: In the radio shack

    I misread the link, sorry.
     
  3. Skillmister

    Capodecina

    Joined: 3 Oct 2009

    Posts: 19,815

    Location: Wales

    My work use Google authenticator on our personal devices for a log in to the remote server. Recently had an issue where I couldn't charge my phone as it thought it had moisture in the charging port and was quickly running out of battery. Would have been a good way to get out of working.
     
  4. Sho

    Mobster

    Joined: 21 Sep 2006

    Posts: 4,733

    Location: Oldham

    Only gripe is the 30 days. If you can remove that or increase to 60/90 days will be much appreciated
     
  5. beachBOYken

    Capodecina

    Joined: 18 Feb 2007

    Posts: 10,888

    Location: London

    You quoted me but I didn't post that, lol.

    Weird??
     
  6. Bouton Aide

    Caporegime

    Joined: 9 Aug 2008

    Posts: 29,572

    Then there would be a backup way, i.e use another user.
     
  7. d_brennen

    Capodecina

    Joined: 30 Jan 2009

    Posts: 16,731

    Location: Aquilonem Londinensi

    Nah I'll let the Russians have my account. I don't use creds here that I use elsewhere, the email is an old one I barely use and my authenticator is already chock full. How many have had their accounts compromised? A symptom of something more sinister?
     
  8. beachBOYken

    Capodecina

    Joined: 18 Feb 2007

    Posts: 10,888

    Location: London

    Cool, didn't know you could have installed on multiple devices, I have it on my iPhone, if I install on my iPad is it easy to sync the one time codes?
     
  9. TangoEchoAlpha

    Wise Guy

    Joined: 13 Jun 2016

    Posts: 1,195

    Location: UK

    A good alternative to Google Authenticator is Aegis, open source and allows you to take encrypted backups of your 2FA details in case you lose your mobile device.

    Personally I use KeepassXC :)
     
  10. Skillmister

    Capodecina

    Joined: 3 Oct 2009

    Posts: 19,815

    Location: Wales

    It's still a pain and IMO rather unnecessary
     
  11. Feek

    Commissario

    Joined: 16 Oct 2002

    Posts: 233,726

    Location: In the radio shack

    It's been nice knowing you.

    Authenticators have a limit?

    Even one is one too many.
     
  12. Maccy

    Commissario

    Joined: 23 Nov 2004

    Posts: 38,966

    Location: Herts

    For the record, it will be compulsory to have 2FA on for anyone who has MM access soon.
     
  13. McPhee

    Soldato

    Joined: 17 Apr 2009

    Posts: 7,240

    That's why I wound up turning it off on this site. 30 days per device just became irritating.
     
  14. beachBOYken

    Capodecina

    Joined: 18 Feb 2007

    Posts: 10,888

    Location: London

    Is there 2FA on the ocuk shop account or any plans to?
     
  15. Pigeon_Killer

    Caporegime

    Joined: 21 Nov 2005

    Posts: 36,200

    Location: Cornwall

    Left my previous place of employment last Feb and my manager immediately disabled 2FA on every site I had enabled it on because a handful of people complained it was too difficult to use and a massive inconvenience.

    A year and a single phishing email later, some Russians walked on to their network and Hello Kitty ran riot which cost them their entire domain and over a million pounds.

    I love 2FA/MFA and would expect every single person on a computer forum such as this to be using it.
     
  16. Pho

    Sgarrista

    Joined: 18 Oct 2002

    Posts: 9,240

    Location: Derbyshire

    This!

    I love two factor. I use it pretty much everywhere I can, but I feel like I'm constantly getting nagged to sign into some service again because of the short expirations. And it's usually always when I've left my phone in another room.

    My company has forced two factor for domain/email logins which is great. But they also disabled all biometric login options through group policy (fingerprint scanner, Windows hello face scan etc) so I now have a really weak windows/email password that I have to remember to login with quickly rather than a secure randomly generated one :rolleyes:
     
  17. Jimbeam3678

    Capodecina

    Joined: 8 Dec 2002

    Posts: 18,494

    Location: North Yorkshire

    I hope you are feeling quite smug!:D I remember you mentioning that place was not the greatest!
     
  18. Pigeon_Killer

    Caporegime

    Joined: 21 Nov 2005

    Posts: 36,200

    Location: Cornwall

    Loved the place, loved most of the staff and people I worked with but a single complaint from one user often led to management forcing policy changes on IT so I was just glad not to be there when it happened.

    A lot of my former colleagues, who are also close friends, were run in to the ground churning our devices for almost two months straight. They were promised double time but had to fight for time and half when the original offer was removed after the work was complete.
     
  19. Timber

    Wise Guy

    Joined: 21 Oct 2002

    Posts: 1,479

    Location: South East England

    Thank you for the heads up, enabled 2FA via an authenticator app now, but previously had 2FA via email setup.

    Quick question - does it matter if both email and app authentication are enabled? Will the forums know to use the authenticator app first, or should I deactivate the email option?

    Apologies it asked already, but couldn't see the question in the thread.

    UPDATE: Just tried to login via a different browser (Edge) and it defaults to requesting the Authenticator App codes - with options for Email and Backup codes below. So I guess the question becomes whether the email option is an unnecessary option if using the app method, and you should only use one option + the backup codes?
     
    Last edited: 15 Oct 2021
  20. Demon

    Soldato

    Joined: 22 Oct 2002

    Posts: 7,244

    Location: Near Cheltenham

    This is the issue, make things too complicated and it doesn't quite work out as planned.

    I still store my OTP and creds in a password manager (for everything but critical banking etc), so one complex password and knowing my email for the password manager is all that is required, but I do find this removes any barrier to using 2FA where ever I can. Banking/Financial/Legal stuff I do not store the 2FA's together, they are separate.