**** Please enable 2FA on your OcUK forum account ****
- Thread starter Feek
- Start date
Nope, if you disable it then you won't be able to use the forums.
/sighIt's intentional
The spread of this 2FA plague is really becoming a major annoyance >.>
*EDIT*
Instead of disabling users forum account how about setting the opt out to disable users MM access? Would avoid inconveniencing users unnecessarily.
Soldato
Not sure how 2FA can be called a plague. It's a little less convenient, sure. But the security advantage is large.
Commissario
Security advantage for banking, stores and such make sense, but forums?
I suppose MM is creating an exception though.
Where peoples money is involved, we take matters seriously. There have been a handful of 'compromised' accounts recently (not just those referred to in this thread) where people have reused passwords and there have been fake threads created in the MM. Fortunately, each instance has been quite obvious and nobody has been caught out.
The last thing we want is for anyone to have any second thoughts about buying in the MM, it needs to be as safe as possible.
2FA is hardly an inconvenience. It takes a few seconds to set up and requires entering a code once a month.
Ahh that sucks, well at least you tried. Better than most sites.Unfortunately it doesn't look like we can do it that way
We looked into it.
It's a bandwagon plague sweeping the internet and inconveniencing millions of people for little value. It's essentially a system to stop stupid people from getting hacked after they give away the password/email they use for every site when they fall for a Facebook scam and share their DOB, fav colour, mothers name, etc.
The really annoying thing is that the people who don't need this are the ones who get impacted the most as the more tech savvy are the ones more likely to login from different machines/locations.
The security advantages for anyone not stupid are basically zero as they don't share the answers to secret questions on Facebook or use the same login for every sit eon the internet. Hell online security is less important now than it used to be as password complexity isn't as important as it used to be these days because brute forcing protection is a standard thing on any site.
The funny thing is, banks and payment services are adding "2FA" login as a requirement now (usually via SMS /vomit) when most of them have already had MFA for years anyway (I.E Natwest has required both online banking password and card pin for online banking since the 90's).
Man of Honour
It's a bit more than that in some circumstances.
I don't have a handheld networked computer, so no apps for me. OK, email it is. More inconvenient as I have to open and log into my email bridge for better privacy/security then open and log into my email client. No 2FA code email from OcUK. Hmm...give it a few minutes. Nope. Then I remembered that OcUK forums don't allow users to have alerts within the forum only so I had to set up a rule to send all email from the OcUK forums to the bin because I was being spammed with dozens of email alerts every day.
Maybe I'll buy a Yubikey. They look convenient and useful.
That's what my ex-wife said
Soldato
I have had to enable email as I am too stupid to work out how to put the app on - I kid you not I hadn't got a clue when it was asking for all sorts of things. The joys of being old and not that tech savy and only using mobiles as a phone. 
Soldato
Fortuntely i had to install Authy on my phone for work last week so getting through the 2FA was pretty smooth although its still a bit fo a ballache to have 2FA on everything now days.
It's worth it though to keep my access to the MM. Does everyone need 2FA or it just those with MM access?
It's worth it though to keep my access to the MM. Does everyone need 2FA or it just those with MM access?
It will force it for anyone with MM access.
Anyone who has been a member for longer than six months and has made more than 1,000 posts.
I feel your pain, I couldn’t scan the QR code no matter what I did and I’m reasonably computer savvy.
Neither could my wife, the brains of the outfit, and she’s endowed with bucket loads of common sense.
I wrote the two lots of three number codes in and it allowed me to log on, but I can imagine deleting them by accident and being unable to log on, even though I’ve entered the back up codes in NOTES.
So if you no longer get anything from me, it isn’t because I don’t like you, I’ll be outside with my nose pressed against the windows, wondering what I did wrong, or didn’t do right.
Still, I’ll be no loss, as an American ex often said, “This is Jean-François, he marches to the beat of a different drum!”
Associate
- Joined
- 29 Oct 2019
- Posts
- 1,002
Not necessarily for everyone, it would be a major inconvenience since my cookies are cleared every time I close my browser. The security improvement for me would be negligible since I use a strong randomly generated password with a password manager (KeePass), but I can see why it would be a requirement for people that have access to MM. I wouldn't be able to set it up anyway since OCUK won't allow me to update my email address (ProtonMail).