Jump to content

2 Factor authentication


Cipher-032
 Share

This thread is over three months old. Please be sure that your post is appropriate as it will revive this otherwise old (and possibly forgotten) topic.

Recommended Posts

Just in the process of speaking to the Forum admins.

Ive had a recent breach of security on my account. And a very dodgy advert was posted under my account.

Of which the admins have done their job. But the actual guilty party here now has had been told off for something Ive not done. (Dont take this the wrong way, as stated speaking to Jedi_Master on this)

A lot of places do 2 factor authentication. Im not sure if a system can be put in place for here? Its saved my accounts many times before for gaming etc.



 

Screenshot 2022-10-24 175659.png

Link to comment
Share on other sites

Not sure you can really draw a link between the implementation of multi-factor authentication and a mass password reset. The blog post I found on Invision about implementing this suggests that it's optional (or can be set as such). Is there any reason you wouldn't want people to have the option to enhance their security?

 

 

Link to comment
Share on other sites

  • Supporters

Ah, fair enough, if it's optional - I'm a bit sulky because my work laptop's "single sign in" has turned into "mandatory long email address, 15 character passwords, and 2FA multiple times a day".

 

I would still note that anyone minded to swipe right could just change their password to something unique and randomly generated.  Sure, data breaches, but in the event of a mass breach we're all pretty much hosed.

Link to comment
Share on other sites

Seems reasonable, having it inflicted on you at work is one thing, having to put up with it in your own time is another.

 

That said, the statement from the OP about "It's saved my accounts many times" isn't a great sign...

 

I could bore on about this at length (but thankfully won't) about why it's great and you should turn it on for everything you can (Amazon, Insta, etc.) Suffice to say, password managers and a hardware based MFA method like Yubikey are the way to go, if your system supports it.

Link to comment
Share on other sites

  • Root Admin

2FA via Google Authenticator is now enabled. You may set this up here: https://airsoft-forums.uk/settings/account-security/

This will remain an optional - encouraged - choice, but it's there nontheless for those who want it. It's only currently configured to prompt when changing certain account settings or when logging in from a new device. New users will be informed of this feature when signing in for the first time.

Link to comment
Share on other sites

  • 2 weeks later...
On 31/10/2022 at 09:35, proffrink said:

2FA via Google Authenticator is now enabled. You may set this up here: https://airsoft-forums.uk/settings/account-security/

This will remain an optional - encouraged - choice, but it's there nontheless for those who want it. It's only currently configured to prompt when changing certain account settings or when logging in from a new device. New users will be informed of this feature when signing in for the first time.


Blimey thank you. This will save a lot of agro and certainly help stop people hijacking accounts

Link to comment
Share on other sites

This thread is over three months old. Please be sure that your post is appropriate as it will revive this otherwise old (and possibly forgotten) topic.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...