**** Please enable 2FA on your OcUK forum account ****

Soldato
Joined
3 Oct 2009
Posts
19,892
Location
Wales
Why the push for 2FA if there has been no security breach? Securing an email address is basic internet that most people have managed for 20+ years.

What with the COVID passports will people be able to do anything in the future without a mobile phone? Hey guys, link everything to your mobile phone so we can monitor all of your text messages and see all of your accounts and whenever you log in. Bye bye privacy.

Chinese social credit system here we come.
My work use Google Authenticator on our personal devices for a log in to the remote server. Recently had an issue where I couldn't charge my phone as it thought it had moisture in the charging port and was quickly running out of battery. Would have been a good way to get out of working.
 
Soldato
Joined
30 Jan 2009
Posts
17,175
Location
Aquilonem Londinensi
Nah I'll let the Russians have my account. I don't use creds here that I use elsewhere, the email is an old one I barely use and my authenticator is already chock full. How many have had their accounts compromised? A symptom of something more sinister?
 
Associate
Joined
13 Jun 2016
Posts
1,499
Location
UK
A good alternative to Google Authenticator is Aegis, open source and allows you to take encrypted backups of your 2FA details in case you lose your mobile device.

Personally I use KeePassXC :)
 
Caporegime
Joined
21 Nov 2005
Posts
40,285
Location
Cornwall
Left my previous place of employment last Feb and my manager immediately disabled 2FA on every site I had enabled it on because a handful of people complained it was too difficult to use and a massive inconvenience.

A year and a single phishing email later, some Russians walked on to their network and Hello Kitty ran riot which cost them their entire domain and over a million pounds.

I love 2FA/MFA and would expect every single person on a computer forum such as this to be using it.
 

Pho

Soldato
Joined
18 Oct 2002
Posts
9,324
Location
Derbyshire
That's why I wound up turning it off on this site. 30 days per device just became irritating.

This!

I love two factor. I use it pretty much everywhere I can, but I feel like I'm constantly getting nagged to sign into some service again because of the short expirations. And it's usually always when I've left my phone in another room.

My company has forced two factor for domain/email logins which is great. But they also disabled all biometric login options through group policy (fingerprint scanner, Windows Hello face scan etc) so I now have a really weak Windows/email password that I have to remember to log in with quickly rather than a secure randomly generated one :rolleyes:
 
Soldato
Joined
8 Dec 2002
Posts
20,077
Location
North Yorkshire
Left my previous place of employment last Feb and my manager immediately disabled 2FA on every site I had enabled it on because a handful of people complained it was too difficult to use and a massive inconvenience.

A year and a single phishing email later, some Russians walked on to their network and Hello Kitty ran riot which cost them their entire domain and over a million pounds.

I love 2FA/MFA and would expect every single person on a computer forum such as this to be using it.

I hope you are feeling quite smug! :D I remember you mentioning that place was not the greatest!
 
Caporegime
Joined
21 Nov 2005
Posts
40,285
Location
Cornwall
I hope you are feeling quite smug! :D I remember you mentioning that place was not the greatest!
Loved the place, loved most of the staff and people I worked with but a single complaint from one user often led to management forcing policy changes on IT so I was just glad not to be there when it happened.

A lot of my former colleagues, who are also close friends, were run in to the ground churning our devices for almost two months straight. They were promised double time but had to fight for time and a half when the original offer was removed after the work was complete.
 
Associate
Joined
21 Oct 2002
Posts
1,816
Location
East England
Thank you for the heads up, enabled 2FA via an authenticator app now, but previously had 2FA via email set up.

Quick question - does it matter if both email and app authentication are enabled? Will the forums know to use the authenticator app first, or should I deactivate the email option?

Apologies if asked already, but couldn't see the question in the thread.

UPDATE: Just tried to log in via a different browser (Edge) and it defaults to requesting the Authenticator App codes - with options for Email and Backup codes below. So I guess the question becomes whether the email option is an unnecessary option if using the app method, and you should only use one option + the backup codes?
 
Soldato
Joined
22 Oct 2002
Posts
8,234
Location
Near Cheltenham
This!

I love two factor. I use it pretty much everywhere I can, but I feel like I'm constantly getting nagged to sign into some service again because of the short expirations. And it's usually always when I've left my phone in another room.

My company has forced two factor for domain/email logins which is great. But they also disabled all biometric login options through group policy (fingerprint scanner, Windows Hello face scan etc) so I now have a really weak Windows/email password that I have to remember to log in with quickly rather than a secure randomly generated one :rolleyes:

This is the issue, make things too complicated and it doesn't quite work out as planned.

I still store my OTP and creds in a password manager (for everything but critical banking etc), so one complex password and knowing my email for the password manager is all that is required, but I do find this removes any barrier to using 2FA wherever I can. Banking/Financial/Legal stuff I do not store the 2FAs together, they are separate.
 