What's New
Off Topix: Embrace the Unexpected in Every Discussion

Off Topix is a well established general discussion forum that originally opened to the public way back in 2009! We provide a laid back atmosphere and our members are down to earth. We have a ton of content and fresh stuff is constantly being added. We cover all sorts of topics, so there's bound to be something inside to pique your interest. We welcome anyone and everyone to register & become a member of our awesome community.

Who else doesn't like 2 Step Verification?

MrDawn

20K Club
Administrator
Joined
Dec 26, 2014
Posts
22,803
OT Bucks
1,120
I have to say that I'm not a fan of any forum that makes me use 2 Step Verification whether I'm on staff or if I'm just a regular member. I find it funny how staff on those forums act like it's a bullet proof method and to that I will say no. If someone can hack your password on that forum, they can also hack your password to your email account and everything else you have. Who else feels the same way?
 
I have to say that I'm not a fan of any forum that makes me use 2 Step Verification whether I'm on staff or if I'm just a regular member. I find it funny how staff on those forums act like it's a bullet proof method and to that I will say no. If someone can hack your password on that forum, they can also hack your password to your email account and everything else you have. Who else feels the same way?
The solution is not to use email to send the verification codes. An app like Google Authenticator (MS has one, too) is far more secure and is supported by Xenforo.

Or my bank's approach which lets you use the bank app to get 2FA codes (and the bank app can be set to use your phone's biometric authentication).

That said I don't tend to use 2FA for something casual like Off-Topix, just for banking or similarly sensitive applications. I do use it on Wondercafe2 but that's because I am an admin there.

And the solution for someone getting both your email and your forum password with one hack is to to have different passwords for each site and manage them with a secure password management tool. Chrome's built-in one is pretty good now.
 
I have to say that I'm not a fan of any forum that makes me use 2 Step Verification whether I'm on staff or if I'm just a regular member. I find it funny how staff on those forums act like it's a bullet proof method and to that I will say no. If someone can hack your password on that forum, they can also hack your password to your email account and everything else you have. Who else feels the same way?
I've had to use 2FA on some forums I was on. Be it Staff or regular member. Staff I can see, but even then it's up to a point. It can get quite tedious but I do understand the reasoning. Nothing is bullet-proof. It reminds me of having a lock on your door & another lock & another. Yes, it buys you time but if somebody REALLY wanted to get in, they'd find a way.
 
Back
Top Bottom