Pages:
Author

Topic: 2FA added - page 3. (Read 1888 times)

legendary
Activity: 2758
Merit: 6830
December 23, 2023, 10:03:13 PM
#67
It is just okay to disable/enable again the 2FA without issue right? I forgot to take down mine earlier forgot that the QR and Secret key don't appear at all on the Google Authenticator.
Yes! You can do that with pretty much every website. Of course some will disable your withdrawals for a week or so for security reasons, but that’s all.

On the forum there is no penalty at all, so suit yourself. Smiley
legendary
Activity: 1750
Merit: 1329
Top Crypto Casino
December 23, 2023, 09:44:10 PM
#66
But the reason is that 2FA apps are so hard to recover if access is lost to them. OR I think I should start using them more to learn about them.
You can usually write down the secret token used for the 2FA, or sometimes when the website only shows you the QR code, save it and print it. That's your backup. Wink

It is just okay to disable/enable again the 2FA without issue right? I forgot to take down mine earlier forgot that the QR and Secret key don't appear at all on the Google Authenticator.
legendary
Activity: 2758
Merit: 6830
December 23, 2023, 07:13:54 PM
#65
But the reason is that 2FA apps are so hard to recover if access is lost to them. OR I think I should start using them more to learn about them.
You can usually write down the secret token used for the 2FA, or sometimes when the website only shows you the QR code, save it and print it. That's your backup. Wink
sr. member
Activity: 2520
Merit: 280
Hire Bitcointalk Camp. Manager @ r7promotions.com
December 23, 2023, 05:54:56 PM
#64
But the reason is that 2FA apps are so hard to recover if access is lost to them. OR I think I should start using them more to learn about them.

It depends on which authenticator app that you are using?

Google Authenticator doesn't support the export/import function, so you need to have access to the application if you are about to switch devices whereas Authy is one of the popular 2FA app that works on multiple devices when you login to your account.

In the worst case if you can't recover the 2FA app, just restore the authentication using the provided recovery/secret key on another device.
sr. member
Activity: 1400
Merit: 420
December 23, 2023, 12:27:36 PM
#63
Thanks to PowerGlove, who did 90% of the work on this, the much-requested 2-factor authentication feature has finally been added. You can enable it in your Account Settings, and then you have to give the code when logging in. If you don't have 2FA enabled, you have to leave the OTP field blank when logging in.

If you use the forgotten-password function, then there's an option to remove the 2FA. So 2FA does not provide any protection in case of a compromised email. Make sure that your email address is secure. If you don't want to set an email address, use something like [email protected]; don't use a random nonsense email like [email protected], since somebody might create that domain/email.

Let me know if there are any bugs.
This is really a good news for us. Because our account will get more security for this features. 2FA is a high quality security system so Forum account will now very secure.

Thanks Theymos
Thanks PowerGlove (For working with Theymos for addeding this great feature)
hero member
Activity: 1428
Merit: 513
Payment Gateway Allows Recurring Payments
December 23, 2023, 10:46:17 AM
#62
Both are a same thing, you scan the QR code or input the setup key on your 2FA apps, the difference is you don't have to type each character if you scan the QR code. Cheesy
I am not a regular user of 2FA authenticator, to be honest, I tested it only once, so now I remember we have to give some code or key in order to verify it from there. If that's what you meant by giving the code on the 2FA app, well, it is a good thing to have it. But the reason is that 2FA apps are so hard to recover if access is lost to them. OR I think I should start using them more to learn about them.
legendary
Activity: 1778
Merit: 1474
🔃EN>>AR Translator🔃
December 23, 2023, 09:09:18 AM
#61
Congratulations to the forum on these new updates, and congratulations to all who will be able to benefit from these procedures. I also hope they can hear about them since it is assumed that they are no longer users of the forum after they were already banned. We all know that most of them certainly use an alternative account in secret, but this cannot be acknowledged publicly without providing proof, which is not within our topic now at all.

As I always used to, I try to present new approaches from different points of view within the framework of legitimate debate. Two points came to mind that I think are very important:
- Firstly, just as this measure will help those who lost their accounts due to mistakes they committed in the past out of ignorance to give them a second chance, it will also give the opportunity to a large number of users for whom plagiarism was their favorite hobby because they are truly unable to produce good publications, whether that be to obtain merit points to upgrade membership or to achieve the post-quality required to join one of the signature campaigns.
- Secondly, is the timing of this update, which came suddenly without previously announced planning, because I had not previously heard that a measure like this could be taken, as I am convinced of the seriousness of the forum’s management in dealing with such cases (Plagiarism). Is it possible that the recent forum-ban regarding the presence of mixer companies’ activities, which caused many of them to move to other forums, will be an incentive to maintain traffic coming to the forum, given that a significant number of users will join mixer signature campaigns on other forums? This is just a possibility and I could be wrong, but it remains interesting for discussion.

Just my Two cents  Wink
Cheers,
sr. member
Activity: 336
Merit: 292
20BET - Premium Casino & Sportsbook
December 23, 2023, 07:55:45 AM
#60
Thanks for bringing additional security layer to the this forum. I was thinking from the start that 2FA feature should be available high rank accounts are most worthy and hacker have advance tool to hack common passwords.

I will try later to add 2fa later and I hope i will not face any problem. I am using real gmail already opened in my mobile with full access. If i lost 2fa ,i hope my email will be enough to recover it
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 23, 2023, 07:27:45 AM
#59
An applause worthy development. I have, on several cases imagined how to get my forum account secured and often wished for a 2fA integration and it just arrived promptly as expected.

However, I will await feedbacks from those who have used it and know which approach is best, talking about the emails, as stated by OP.
Give it a try. I have enabled 2FA and it worked without any issues. And about getting the code through email, I think it doesn't matter much. Besides I have been using google Authenticator and Authy for years, never encountered any bugs or sync issue. Also you can backup your keys set passwords. So it's pretty secure and protected.
sr. member
Activity: 420
Merit: 376
December 23, 2023, 07:19:38 AM
#58
When I saw OTP, I thought, “What kind of bullshit is this?” Smiley Only by hovering the cursor over these letters did I read the comment about 2FA.

It turns out that if the 2FA option is enabled, a code will be sent to your email to confirm login to your account? Did I understand everything correctly?
No, no code will be sent to the email. If you want to enable  2FA security system on your account, you will need Google Authenticator. As you have added your Binance and KuCoin Exchange to Google Authenticator, you will see Secret (base32)I have covered with red mark and copy and add it to your Google Authenticator. Still, while logging in, copy and paste the OTP from Google Authenticator and login.






Helps and Beginner threads have a post about 2FA. If you see this post I think you will understand very easily
= https://bitcointalksearch.org/topic/newbies-how-to-use-the-2fa-security-system-in-the-account-5479003
legendary
Activity: 3696
Merit: 2219
💲🏎️💨🚓
December 23, 2023, 06:15:52 AM
#57
There's a URL on the icon in the 2FA - it leads to a parked domain advertisement.  Is this deliberate, or a blunder?




@Sandra_hakeem - no not IP addresses - phone numbers.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
December 23, 2023, 05:53:47 AM
#56
Long overdue. 2FA enabled, and there doesn't seem to be any problems with the implementation on my end.

You will get logged out if your password verification is not correct while editing the account settings though.

Hopefully, the number of alts might drop if/when 2FA becomes mandatory. (And new users should have to employ 2FA automatically)

This will not stop alt accounts at all since they can create many KeyPassXC login entries to store all the 2FA codes in.
copper member
Activity: 1498
Merit: 1619
Bitcoin Bottom was at $15.4k
December 23, 2023, 05:11:50 AM
#55
A much needed feature in 2023 when there are so many scams and phishing attempts going on, I appreciate this work from theymos and PowerGlove and will surely report any bug if I encounter.
I am sure with this, the account security will be way above the normal standards, 2FA is a great soluition.
legendary
Activity: 1750
Merit: 1329
Top Crypto Casino
December 23, 2023, 12:35:08 AM
#54
If you use the forgotten-password function, then there's an option to remove the 2FA. So 2FA does not provide any protection in case of a compromised email. Make sure that your email address is secure. If you don't want to set an email address, use something like [email protected]; don't use a random nonsense email like [email protected], since somebody might create that domain/email.
Adding additional 2FA for email address is also a good idea.
I noticed that whenever profile page is refreshed new shared secret and new QR code are generated, and that is good thing, but everyone make sure to backup everything correctly.

Im just wondering what if the user removes the 2FA unexpectedly on the device and how they will generate another QR again just to scan or even the code given so they can manually add it again to their device, after setting up that's the thought that comes up to my mind. Additionally, the Email feature is one of the most awaited added to the forum too.
hero member
Activity: 2338
Merit: 757
Top-tier crypto casino and sportsbook
December 22, 2023, 08:25:58 PM
#53
I cannot describe my happiness at activating this additional layer of protection because I needed it for a long time before I was surprised that my account was stolen after the forum servers were hacked in 2015, and I was forced to remain for more than a year without an account since the account recovery system was not activated until later in 2018 if i can well remember.
Today, I feel that hope has returned to everyone by removing the fears of losing their accounts for one reason or another, since all requests to activate additional protection layers remained on the shelves on the basis that their activation will be in the new version of the forum, which does not seem to see the light of day soon.
In general, thanks to the forum administration for giving this point sufficient attention, and I hope that more work will be done to study and support many other good suggestions, if the launch of the new forum software will be delayed further.
hero member
Activity: 1778
Merit: 907
December 22, 2023, 06:58:45 PM
#52
Congratulations on the excellent work that's being done on this forum. It's extremely pleasant to see users' suggestions implemented; it's a way of showing appreciation towards us, who use this forum, that our voices have been taken into account. The 2FA was quite a common inquiry on the Meta board, and it's finally here. It's a vital security element, especially for higher-ranking members, to ensure the safety of our forum and prevent potential scam attempts.

I was always positive about the 2FA implementation, and now that it's finally here, I'm going to enable it as soon as possible.
sr. member
Activity: 980
Merit: 282
Catalog Websites
December 22, 2023, 06:24:17 PM
#51
An applause worthy development. I have, on several cases imagined how to get my forum account secured and often wished for a 2fA integration and it just arrived promptly as expected.

However, I will await feedbacks from those who have used it and know which approach is best, talking about the emails, as stated by OP.

legendary
Activity: 3416
Merit: 1225
Enjoy 500% bonus + 70 FS
December 22, 2023, 05:33:13 PM
#50
I have to change my password through my email just to get in again I've used the 2FA it shows
Quote
BAD 2FA Make sure the clock on your 2FA device is correct

I don't know why I'm getting this error as all the other sites I'm using show a correct 2FA

I followed this instruction, it says the authentication is already synched with Google servers

Quote
To make sure that you have the correct time:
Go to the main menu on the Google Authenticator app.
Select Settings.
Select Time correction for codes.
Select Sync now.

Am I the only one any help will be appreciated.
legendary
Activity: 2212
Merit: 7064
December 22, 2023, 04:15:02 PM
#49
If you use the forgotten-password function, then there's an option to remove the 2FA. So 2FA does not provide any protection in case of a compromised email. Make sure that your email address is secure. If you don't want to set an email address, use something like [email protected]; don't use a random nonsense email like [email protected], since somebody might create that domain/email.
Adding additional 2FA for email address is also a good idea.
I noticed that whenever profile page is refreshed new shared secret and new QR code are generated, and that is good thing, but everyone make sure to backup everything correctly.

Let me know if there are any bugs.
Roger that.
Thanks for finally adding this feature

Thanks for all the congrats & stuff being left in this topic. Bitcointalk has become a lot more important to me than I expected when I joined. I'm grateful that I get to contribute to it in my own way, and I hope to keep doing that for a good while yet. Cheers!
We are waiting patiently for you next forum project Wink

Xal, is it safe to assume that this authentication process cannot be made to synchronize with just one device?.. cus scanning out the code on the app would definitely need two devices..
It's so easy to bypass that by using web cam on the same device (laptop or computer) that has installed software for storing shared secrets.

legendary
Activity: 1862
Merit: 5154
**In BTC since 2013**
December 22, 2023, 02:21:40 PM
#48
(...) the much-requested 2-factor authentication feature has finally been added.


(Thanks for letting me work on this, and for the valuable tweaks and additions that you made.) Wink

Congratulations on the excellent work that was done!

Without a doubt, a reinforcement of the forum's security, and proof that this forum is still very much alive and that it deserves the trust of its users.
Pages:
Jump to: