Topic: 2FA added - page 3. (Read 1711 times)

Yes! You can do that with pretty much every website. Of course some will disable your withdrawals for a week or so for security reasons, but that’s all.

On the forum there is no penalty at all, so suit yourself.

It is just okay to disable/enable again the 2FA without issue right? I forgot to take down mine earlier forgot that the QR and Secret key don't appear at all on the Google Authenticator.

You can usually write down the secret token used for the 2FA, or sometimes when the website only shows you the QR code, save it and print it. That's your backup.

It depends on which authenticator app that you are using?

Google Authenticator doesn't support the export/import function, so you need to have access to the application if you are about to switch devices whereas Authy is one of the popular 2FA app that works on multiple devices when you login to your account.

In the worst case if you can't recover the 2FA app, just restore the authentication using the provided recovery/secret key on another device.

This is really a good news for us. Because our account will get more security for this features. 2FA is a high quality security system so Forum account will now very secure.

Thanks Theymos
Thanks PowerGlove (For working with Theymos for addeding this great feature)

I am not a regular user of 2FA authenticator, to be honest, I tested it only once, so now I remember we have to give some code or key in order to verify it from there. If that's what you meant by giving the code on the 2FA app, well, it is a good thing to have it. But the reason is that 2FA apps are so hard to recover if access is lost to them. OR I think I should start using them more to learn about them.

Congratulations to the forum on these new updates, and congratulations to all who will be able to benefit from these procedures. I also hope they can hear about them since it is assumed that they are no longer users of the forum after they were already banned. We all know that most of them certainly use an alternative account in secret, but this cannot be acknowledged publicly without providing proof, which is not within our topic now at all.

As I always used to, I try to present new approaches from different points of view within the framework of legitimate debate. Two points came to mind that I think are very important:
- Firstly, just as this measure will help those who lost their accounts due to mistakes they committed in the past out of ignorance to give them a second chance, it will also give the opportunity to a large number of users for whom plagiarism was their favorite hobby because they are truly unable to produce good publications, whether that be to obtain merit points to upgrade membership or to achieve the post-quality required to join one of the signature campaigns.
- Secondly, is the timing of this update, which came suddenly without previously announced planning, because I had not previously heard that a measure like this could be taken, as I am convinced of the seriousness of the forum’s management in dealing with such cases (Plagiarism). Is it possible that the recent forum-ban regarding the presence of mixer companies’ activities, which caused many of them to move to other forums, will be an incentive to maintain traffic coming to the forum, given that a significant number of users will join mixer signature campaigns on other forums? This is just a possibility and I could be wrong, but it remains interesting for discussion.

Just my Two cents  
Cheers,

Thanks for bringing additional security layer to the this forum. I was thinking from the start that 2FA feature should be available high rank accounts are most worthy and hacker have advance tool to hack common passwords.

I will try later to add 2fa later and I hope i will not face any problem. I am using real gmail already opened in my mobile with full access. If i lost 2fa ,i hope my email will be enough to recover it

Give it a try. I have enabled 2FA and it worked without any issues. And about getting the code through email, I think it doesn't matter much. Besides I have been using google Authenticator and Authy for years, never encountered any bugs or sync issue. Also you can backup your keys set passwords. So it's pretty secure and protected.

No, no code will be sent to the email. If you want to enable  2FA security system on your account, you will need Google Authenticator. As you have added your Binance and KuCoin Exchange to Google Authenticator, you will see Secret (base32)I have covered with red mark and copy and add it to your Google Authenticator. Still, while logging in, copy and paste the OTP from Google Authenticator and login.

---

Helps and Beginner threads have a post about 2FA. If you see this post I think you will understand very easily
= https://bitcointalksearch.org/topic/newbies-how-to-use-the-2fa-security-system-in-the-account-5479003

There's a URL on the icon in the 2FA - it leads to a parked domain advertisement.  Is this deliberate, or a blunder?

---

---

@Sandra_hakeem - no not IP addresses - phone numbers.

Long overdue. 2FA enabled, and there doesn't seem to be any problems with the implementation on my end.

You will get logged out if your password verification is not correct while editing the account settings though.


This will not stop alt accounts at all since they can create many KeyPassXC login entries to store all the 2FA codes in.

A much needed feature in 2023 when there are so many scams and phishing attempts going on, I appreciate this work from theymos and PowerGlove and will surely report any bug if I encounter.
I am sure with this, the account security will be way above the normal standards, 2FA is a great soluition.

Im just wondering what if the user removes the 2FA unexpectedly on the device and how they will generate another QR again just to scan or even the code given so they can manually add it again to their device, after setting up that's the thought that comes up to my mind. Additionally, the Email feature is one of the most awaited added to the forum too.

I cannot describe my happiness at activating this additional layer of protection because I needed it for a long time before I was surprised that my account was stolen after the forum servers were hacked in 2015, and I was forced to remain for more than a year without an account since the account recovery system was not activated until later in 2018 if i can well remember.
Today, I feel that hope has returned to everyone by removing the fears of losing their accounts for one reason or another, since all requests to activate additional protection layers remained on the shelves on the basis that their activation will be in the new version of the forum, which does not seem to see the light of day soon.
In general, thanks to the forum administration for giving this point sufficient attention, and I hope that more work will be done to study and support many other good suggestions, if the launch of the new forum software will be delayed further.

Congratulations on the excellent work that's being done on this forum. It's extremely pleasant to see users' suggestions implemented; it's a way of showing appreciation towards us, who use this forum, that our voices have been taken into account. The 2FA was quite a common inquiry on the Meta board, and it's finally here. It's a vital security element, especially for higher-ranking members, to ensure the safety of our forum and prevent potential scam attempts.

I was always positive about the 2FA implementation, and now that it's finally here, I'm going to enable it as soon as possible.

An applause worthy development. I have, on several cases imagined how to get my forum account secured and often wished for a 2fA integration and it just arrived promptly as expected.

However, I will await feedbacks from those who have used it and know which approach is best, talking about the emails, as stated by OP.

I have to change my password through my email just to get in again I've used the 2FA it shows

I don't know why I'm getting this error as all the other sites I'm using show a correct 2FA

I followed this instruction, it says the authentication is already synched with Google servers


Am I the only one any help will be appreciated.

Adding additional 2FA for email address is also a good idea.
I noticed that whenever profile page is refreshed new shared secret and new QR code are generated, and that is good thing, but everyone make sure to backup everything correctly.

Roger that.
Thanks for finally adding this feature

We are waiting patiently for you next forum project

It's so easy to bypass that by using web cam on the same device (laptop or computer) that has installed software for storing shared secrets.

Congratulations on the excellent work that was done!

Without a doubt, a reinforcement of the forum's security, and proof that this forum is still very much alive and that it deserves the trust of its users.