CalTec Posted May 3, 2022 Share Posted May 3, 2022 Hey, just wanted to share this feedback, cheers! Link to comment Share on other sites More sharing options...
Kevin Slater Posted May 3, 2022 Share Posted May 3, 2022 @RadioRobJust making sure you see this. Kevin Slater Link to comment Share on other sites More sharing options...
RadioRob Posted May 3, 2022 Share Posted May 3, 2022 We don’t force the use of 2FA for members. It’s only REQUIRED for people with access to the backend tools of the site. (Meaning it’s required for Cooper and myself.) It’s optionally available for members… and RIGHT NOW it would only challenge 2FA for specific actions…. - Changing email address - Changing password - Managing authorized (recognized) devices It’s not currently configured to require it for login to the front end of the site. Link to comment Share on other sites More sharing options...
+ ButchAtl Posted May 3, 2022 Share Posted May 3, 2022 I'm feeling dumb...what is 2FA? Is it like 2 authorizations or similar? Link to comment Share on other sites More sharing options...
RadioRob Posted May 3, 2022 Share Posted May 3, 2022 2FA stands for Two Factor Authentication. It’s sometimes noted as MFA (Multi Factor Authentication). It’s designed to help improve security by requiring something other than just a username/password to access a protected resource. There are many forms of 2FA…. It could include having a one time code sent (pushed) to a trusted device (via email or text), it could be a security token (such as a physical RSA token generator or a software based token generator such as Google Authenticator or Authy), or even things such as biometrics. The general idea is that a good way to protect a resource is to verify a user using multiple methods… typically this is along the lines of: - Something you know (say a password) - Something you have (say access to a token generator that changes codes every 30 seconds) - Something you are (say such as a finger print or face scan) The idea is that if your password was ever compromised somehow, someone still could not access the resource without an additional factor. This makes it much harder for a malicious person to obtain and thus improves your overall security posture. CalTec, mike carey and + ButchAtl 1 2 Link to comment Share on other sites More sharing options...
CalTec Posted May 5, 2022 Author Share Posted May 5, 2022 On 5/3/2022 at 4:37 PM, RadioRob said: We don’t force the use of 2FA for members. It’s only REQUIRED for people with access to the backend tools of the site. (Meaning it’s required for Cooper and myself.) It’s optionally available for members… and RIGHT NOW it would only challenge 2FA for specific actions…. - Changing email address - Changing password - Managing authorized (recognized) devices It’s not currently configured to require it for login to the front end of the site. Copy that, thanks for the clarification 👍 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now