Jump to content
Holiday Closing, Support Availability Notice ×

2FA [Two Factor Authentication]

SenGuy

By SenGuy
in Feedback

Recommended Posts

  • Replies 87
  • Created
  • Last Reply
Bluto Mentor

Bluto

Posted
Posted

That sounds like something for a developer to create.  I believe there is one for the admin area, maybe that developer could create one for the general site?

Koby Enthusiast

Koby

Posted
Posted
24 minutes ago, Bluto said:

That sounds like something for a developer to create.  I believe there is one for the admin area, maybe that developer could create one for the general site?

The admin cp is just that an admin can set a global 2nd password which all admins would have to have to be able to login to admin cp.

What the OP is referring to is a feature that FaceBook has, in which to login you must have a code that is sent to your mobile.

The issue I see with this in IPS; is most users aren't going to want to share their mobile number to access a forum.

 

Bluto Mentor

Bluto

Posted
Posted
10 minutes ago, Koby said:

The admin cp is just that an admin can set a global 2nd password which all admins would have to have to be able to login to admin cp.

What the OP is referring to is a feature that FaceBook has, in which to login you must have a code that is sent to your mobile.

The issue I see with this in IPS; is most users aren't going to want to share their mobile number to access a forum.

 

I didn't really look at the mod for the admin control panel.  But I knew something was in there related to it.

I don't think this is something that IP is going to put into the script just because it's so niche.  Not a lot of communities are going to use it.  

As far as the people putting in their numbers, you're probably right about their personal numbers.  Though when you create a twitter bot (twitter app) you need to have a mobile number attached to the profile, you do this via Google Voice - Twitter only allows a mobile number to be used once on the site (assuming that is used for the persons personal Twitter account).  So, people can get around having to use their personal number.

I would probably use this on my forum.  But my forum is a bunch of "high security tech" type people who would love something like this.

Hexsplosions Proficient

Hexsplosions

Posted
Posted
2 hours ago, Spirits of Arianwyn said:

you can use the 2-step auth with codes and just use an app like Google Authenticator...

+1 I'd support that. I already use authenticator for several sites.

Bluto Mentor

Bluto

Posted
Posted
39 minutes ago, Lindy said:

We are planning on 2FA - likely the first half of next year (there is a 110% chance we're adding it!)

Quoted!

Joel R Mentor

Joel R

Posted
Posted
15 hours ago, Lindy said:

We are planning on 2FA - likely the first half of next year (but don't quote me.)

Is this part of a broader push into mobility and mobile enhancements? Or is this an isolated feature?

  • 5 months later...
  • 3 weeks later...
  • Management
Lindy Grand Master

Lindy

Posted
  • Management
Posted

We're using 2FA on our managed/enterprise platform. It will be implemented in the retail product in coming months.

The Dark Wizard Collaborator

The Dark Wizard

Posted
Posted
3 hours ago, Lindy said:

We're using 2FA on our managed/enterprise platform. It will be implemented in the retail product in coming months.

Awesome.

Just as an example are you using text message/emailcode/yubikey or authy/google app?

Jed Rosenzweig Enthusiast

Jed Rosenzweig

Posted
Posted
21 hours ago, Lindy said:

We're using 2FA on our managed/enterprise platform. It will be implemented in the retail product in coming months.

I'm using it for our site and it works great, nice little piece of mind.

Jswerv3 Explorer

Jswerv3

Posted
Posted
On 5/30/2016 at 10:58 PM, Lindy said:

We're using 2FA on our managed/enterprise platform. It will be implemented in the retail product in coming months.

For 3.4x as well?

Morgin Rising Star

Morgin

Posted
Posted
On 5/30/2016 at 8:58 PM, Lindy said:

We're using 2FA on our managed/enterprise platform. It will be implemented in the retail product in coming months.

Is this likely to come before 4.2 do you think? 2FA is starting to become a must have given the number of data dumps that have happened and users simply cant be trusted to not reuse passwords (even moderators).

  • Management
Lindy Grand Master

Lindy

Posted
  • Management
Posted
On 5/31/2016 at 11:49 PM, Jswerv3 said:

For 3.4x as well?

No.

On 6/3/2016 at 7:16 PM, Morgin said:

Is this likely to come before 4.2 do you think? 2FA is starting to become a must have given the number of data dumps that have happened and users simply cant be trusted to not reuse passwords (even moderators).

Possibly, but I can't make any promises. 

Aiwa Mentor

Aiwa

Posted
Posted
4 minutes ago, tAPir said:

I hope there's a way to switch it off in ACP. I'm old and stupid and have difficulty remembering one password.

And you still only remember one password.  The second one is sent to you, or you have to get it from an authentication app that has rolling codes.  

tAPir Collaborator

tAPir

Posted
Posted

Thanks for the info but I joined a forum recently with this. I left after 5 logins because I just found it as a PITA. I can understand someone with a techie forum wanting it (as above) but for my little forum most of my users would leave if I implemented this.

Aiwa Mentor

Aiwa

Posted
Posted
1 minute ago, tAPir said:

Thanks for the info but I joined a forum recently with this. I left after 5 logins because I just found it as a PITA. I can understand someone with a techie forum wanting it (as above) but for my little forum most of my users would leave if I implemented this.

I don't disagree with you. I see it as an option for the member of they want the added security, and a must for admins to help secure the board. 

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...