Jump to content

Community

2FA [Two Factor Authentication]


Recommended Posts

  • Replies 87
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Google 2FA will be in 4.1.18.

After vetting this out, we're likely to incorporate Google Auth. 

Almost finished, on the road to be publish on marketplace in August  This is an early preview, some things are not finished. I'm looking in U2F login too.

Posted Images

24 minutes ago, Bluto said:

That sounds like something for a developer to create.  I believe there is one for the admin area, maybe that developer could create one for the general site?

The admin cp is just that an admin can set a global 2nd password which all admins would have to have to be able to login to admin cp.

What the OP is referring to is a feature that FaceBook has, in which to login you must have a code that is sent to your mobile.

The issue I see with this in IPS; is most users aren't going to want to share their mobile number to access a forum.

 

Link to post
Share on other sites
10 minutes ago, Koby said:

The admin cp is just that an admin can set a global 2nd password which all admins would have to have to be able to login to admin cp.

What the OP is referring to is a feature that FaceBook has, in which to login you must have a code that is sent to your mobile.

The issue I see with this in IPS; is most users aren't going to want to share their mobile number to access a forum.

 

I didn't really look at the mod for the admin control panel.  But I knew something was in there related to it.

I don't think this is something that IP is going to put into the script just because it's so niche.  Not a lot of communities are going to use it.  

As far as the people putting in their numbers, you're probably right about their personal numbers.  Though when you create a twitter bot (twitter app) you need to have a mobile number attached to the profile, you do this via Google Voice - Twitter only allows a mobile number to be used once on the site (assuming that is used for the persons personal Twitter account).  So, people can get around having to use their personal number.

I would probably use this on my forum.  But my forum is a bunch of "high security tech" type people who would love something like this.

Edited by Bluto
Link to post
Share on other sites
  • 5 months later...
  • 3 weeks later...
On 5/30/2016 at 8:58 PM, Lindy said:

We're using 2FA on our managed/enterprise platform. It will be implemented in the retail product in coming months.

Is this likely to come before 4.2 do you think? 2FA is starting to become a must have given the number of data dumps that have happened and users simply cant be trusted to not reuse passwords (even moderators).

Link to post
Share on other sites
  • Management
On 5/31/2016 at 11:49 PM, Jswerv3 said:

For 3.4x as well?

No.

On 6/3/2016 at 7:16 PM, Morgin said:

Is this likely to come before 4.2 do you think? 2FA is starting to become a must have given the number of data dumps that have happened and users simply cant be trusted to not reuse passwords (even moderators).

Possibly, but I can't make any promises. 

Link to post
Share on other sites
4 minutes ago, tAPir said:

I hope there's a way to switch it off in ACP. I'm old and stupid and have difficulty remembering one password.

And you still only remember one password.  The second one is sent to you, or you have to get it from an authentication app that has rolling codes.  

Link to post
Share on other sites

Thanks for the info but I joined a forum recently with this. I left after 5 logins because I just found it as a PITA. I can understand someone with a techie forum wanting it (as above) but for my little forum most of my users would leave if I implemented this.

Link to post
Share on other sites
1 minute ago, tAPir said:

Thanks for the info but I joined a forum recently with this. I left after 5 logins because I just found it as a PITA. I can understand someone with a techie forum wanting it (as above) but for my little forum most of my users would leave if I implemented this.

I don't disagree with you. I see it as an option for the member of they want the added security, and a must for admins to help secure the board. 

Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy