Do you like to enable two-factor authentication for your website so that your user accounts are better protected? At Discussion Hub, we only force staff members to enable 2FA. I believe users are able to set it up if they want to but I haven't checked
Off Topix: Embrace the Unexpected in Every Discussion
Off Topix is a well established general discussion forum that originally opened to the public way back in 2009! We provide a laid back atmosphere and our members are down to earth. We have a ton of content and fresh stuff is constantly being added. We cover all sorts of topics, so there's bound to be something inside to pique your interest. We welcome anyone and everyone to register & become a member of our awesome community.
2FA
- Thread starter Ash
- Start date
I don't enforce it, not everyone likes it and I've seen where it can fail at times.
Wouldn't you be worried about the damage someone could do though if they gain access to one of your staff member's accounts?
This craze about 2FA begain I think when Cryptos were introduced in the market. Atleast that is where I came across them. I have had a tough time working on them. And now every one wants it.
Same. I've never liked the function one bit. It's a major chore to use.
I use 2FA on every important account I have, and all the sites I run support it as well. The security boost you get from adding that second layer of verification is huge compared to relying on a password alone. That said, I don’t force regular members to enable it. Some people simply don’t like using 2FA, and as others in the thread mentioned, forcing it can push users away rather than make them feel safer. I’d rather give them the option, explain why it’s valuable, and let them decide.
I’ll admit I wasn’t a fan of it at first either, but once you use it consistently, it becomes second nature. The real trick is choosing a good authenticator app. I highly recommend using one that works across multiple devices so you’re not stuck if your phone dies or gets replaced. Authy is a solid choice, but I personally use Zoho Auth because it syncs across devices and even has a desktop option, which makes the whole process far less of a hassle.
For staff accounts, though, I’m firmly in the “required” camp. A compromised staff login can do real damage, and backups alone don’t prevent the chaos that can happen in the meantime. For everyday members, optional is fine, but for anything critical, 2FA is absolutely worth it.
I’ll admit I wasn’t a fan of it at first either, but once you use it consistently, it becomes second nature. The real trick is choosing a good authenticator app. I highly recommend using one that works across multiple devices so you’re not stuck if your phone dies or gets replaced. Authy is a solid choice, but I personally use Zoho Auth because it syncs across devices and even has a desktop option, which makes the whole process far less of a hassle.
For staff accounts, though, I’m firmly in the “required” camp. A compromised staff login can do real damage, and backups alone don’t prevent the chaos that can happen in the meantime. For everyday members, optional is fine, but for anything critical, 2FA is absolutely worth it.