Discussion in 'General Discussion' started by Feek, 14 Oct 2021.
I misread the link, sorry.
My work use Google authenticator on our personal devices for a log in to the remote server. Recently had an issue where I couldn't charge my phone as it thought it had moisture in the charging port and was quickly running out of battery. Would have been a good way to get out of working.
Only gripe is the 30 days. If you can remove that or increase to 60/90 days will be much appreciated
You quoted me but I didn't post that, lol.
Then there would be a backup way, i.e use another user.
Nah I'll let the Russians have my account. I don't use creds here that I use elsewhere, the email is an old one I barely use and my authenticator is already chock full. How many have had their accounts compromised? A symptom of something more sinister?
Cool, didn't know you could have installed on multiple devices, I have it on my iPhone, if I install on my iPad is it easy to sync the one time codes?
A good alternative to Google Authenticator is Aegis, open source and allows you to take encrypted backups of your 2FA details in case you lose your mobile device.
Personally I use KeepassXC
It's still a pain and IMO rather unnecessary
It's been nice knowing you.
Authenticators have a limit?
Even one is one too many.
For the record, it will be compulsory to have 2FA on for anyone who has MM access soon.
That's why I wound up turning it off on this site. 30 days per device just became irritating.
Is there 2FA on the ocuk shop account or any plans to?
Left my previous place of employment last Feb and my manager immediately disabled 2FA on every site I had enabled it on because a handful of people complained it was too difficult to use and a massive inconvenience.
A year and a single phishing email later, some Russians walked on to their network and Hello Kitty ran riot which cost them their entire domain and over a million pounds.
I love 2FA/MFA and would expect every single person on a computer forum such as this to be using it.
I love two factor. I use it pretty much everywhere I can, but I feel like I'm constantly getting nagged to sign into some service again because of the short expirations. And it's usually always when I've left my phone in another room.
My company has forced two factor for domain/email logins which is great. But they also disabled all biometric login options through group policy (fingerprint scanner, Windows hello face scan etc) so I now have a really weak windows/email password that I have to remember to login with quickly rather than a secure randomly generated one
I hope you are feeling quite smug! I remember you mentioning that place was not the greatest!
Loved the place, loved most of the staff and people I worked with but a single complaint from one user often led to management forcing policy changes on IT so I was just glad not to be there when it happened.
A lot of my former colleagues, who are also close friends, were run in to the ground churning our devices for almost two months straight. They were promised double time but had to fight for time and half when the original offer was removed after the work was complete.
Thank you for the heads up, enabled 2FA via an authenticator app now, but previously had 2FA via email setup.
Quick question - does it matter if both email and app authentication are enabled? Will the forums know to use the authenticator app first, or should I deactivate the email option?
Apologies it asked already, but couldn't see the question in the thread.
UPDATE: Just tried to login via a different browser (Edge) and it defaults to requesting the Authenticator App codes - with options for Email and Backup codes below. So I guess the question becomes whether the email option is an unnecessary option if using the app method, and you should only use one option + the backup codes?
This is the issue, make things too complicated and it doesn't quite work out as planned.
I still store my OTP and creds in a password manager (for everything but critical banking etc), so one complex password and knowing my email for the password manager is all that is required, but I do find this removes any barrier to using 2FA where ever I can. Banking/Financial/Legal stuff I do not store the 2FA's together, they are separate.
Separate names with a comma.