Jump to content

Community

[[Template core/global/global/lkeyWarning does not exist. This theme may be out of date. Run the support tool in the AdminCP to restore the default theme.]]

Mr 13

Members
  • Content Count

    1,037
  • Joined

  • Last visited

  • Days Won

    4

 Content Type 

Profiles

Downloads

IPS4 Documentation

IPS4 Providers

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Forums

Everything posted by Mr 13

  1. Why this obvious option for 2FA is not implemented? Hope this will be available in future versions. Thanks.
  2. SMS are not stronger than any other popular 2FA method. Emails are transmitted encrypted, SMS are transmitted not encrypted (vulnerable for GSM sniffing). Email could be protected with strong 2FA factor (like a physical key), SMS, again, vulnerable for GSM sniffing so attacker don't even need to get access to attacked phone. Even without taking into account the frequent problems with the delivery of SMS and their high price, they are worse than email even only on security side.
  3. That's obvious, but it's still much better than not using of 2FA at all, as it still protects the user in case when only password was stolen (the main purpose of 2FA, isn't it?). Email-based 2FA is enough for most communities, especially considering what most of email accounts are already protected with 2FA, so it's very unlikely what email could be stolen. SMS is expensive and insecure, Authy-like apps is too complicated for most users and overkill in most cases. Steam, Origin, Epic Store are using email-based 2FA for years. It's completely free and reliable way to improve security, so why not? So please implement this and let us(clients) decide if it enough to use email-based 2FA or to use other methods if we really need this. Those who consider this way as not secure enough for them just could use existing methods. Thanks.
  4. Here is an example (add it to custom.css file of your theme): /*** Attach Mobile Nav to Bottom ***/ #elMobileNav { position: fixed; bottom: 0; width: 100%; z-index: 5049; border-top: 1px solid #808080; } /* Increase body length in order to not overlap footer elements */ body.ipsApp_front { padding-bottom: 50px; } /* Prevent from overlapping by lang switcher */ ul#elNavLang_menu, ul#elNavTheme_menu { z-index: 5048 !important; } /* Prevent from overlapping by notification popups */ #elFlashMessage.ipsFlashMsg_bottom { bottom:50px; } #elFlashMessage.ipsFlashMsg_dismissable [data-action='dismissFlashMessage'] { right: 10px; } It may also require some additional cosmetic tuning for your theme. It shouldn't be hard but i don't plan to implement this because in my experience this behaviour could be unobvious and annoying for inexperienced users. Fixed docking is enough in my opinion.
  5. I'd rather suggest to dock it to the bottom of the screen on mobile, as many mobile apps does. Here is an example how i implemented this on one of my websites a while ago. This way you can access breadcrumb button, quick links and notifications right under your finger even while holding a big mobile with one hand.
  6. It's just a request for implementation of missed 2FA method, no one forces you to use it on your websites if you don't need this additional layer of security 🙂 This could be done via E-Mail 2FA, just sending a link instead of code or in addition to it.
  7. Any news on this suggestion (taking into account our dialogue and my examples in mentioned ticket and this topic)?
  8. It's time to start display SVG in attachments, isn't it?
  9. In most cases instead of raster images it possible to use CSS or SVG, that means huge traffic savings(which is critically important on mobile networks) and reduces loading time. For example, currently default cover photo in user profile or in club sized 735 KB. It's TOO much. In next IPS version it's size will be slightly lower, but it's still too much for slow or expensive moblie networks, especially taking into account what this image does not make any value for users. Here is some SVG examples: svg.7z (yes, here is 3 backgrounds, sized just in 2 kb in compressed state).
  10. A little addition: Just in case you'll change your mind about raster images in backgrounds, here is some SVG examples: svg.7z (yes 3 backgrounds, sized just in 2 kb in compressed state).
  11. Yes, you're right, i've just edited my previous message because discovered it in actual output. So there is the new question now 🙂
  12. Still can't get why should we use something in around 300 KB when it could be implemented in around 1 KB. Mobile data is expensive and slow in most cities of the world, even in america, isn't it?
  13. Because of constant decline in terms of popularity. They decided to remove chat and give more effort to more popular functionality. And it was right decision. Nowadays everything should work in chat-like instant manner, so chat as independent app just not needed. I hope in future they will put more effort on instant interaction (messaging) directly in all existing apps including PM and forums.
  14. Hello. There is a problem with some popular mailing services, where if user performed the action listed in "List-Unsubscribe" header, this email will be also automatically marked as spam. This way a lot of emails become wrongly marked as spam even if user did not planned to do this and just wanted to unsubscribe. It would be nice to have an option where we can disable this header for user-defined list of recipient domains, so our emails wont marked as spam just because of that strange implementation of unsubscribe functionality in that services. Here are services which should be listed in this exception list by default: *@mail.ru *@list.ru *@inbox.ru *@bk.ru
  15. But the same time they mark emails as spam, so it does not matter what they recommend while their own behaviour is strange and uncommon. Our goal is deliver message to user and don't get into "spam" and not to "follow recommendations, even if they destructive for us", isn't it? 🙂 PS. Actually they mark as spam immediately after "Unsubscribe" action, not only if user still get this emails, this is why it's so dangerous to send them mails with Unsubscribe header.
  16. Here is this problem is described in more detail. Same page with google translation. We've contacted with Mail.ru about this problem but they don't want to change this behaviour, so we need a way to prevent this behaviour from our side.
  17. I hope that lazy load will be also implemented for YouTube embeds in 4.4. This topic is a live illustration why this is important. It would be awesome to load just thumbnail instead of player and to load player only when thumbnail clicked. This significantly improves performance on pages with embedded videos.
  18. Thanks a lot, that's a very good news.
  19. I know about this plugin, but i think this must be available in vanilla IPS.
  20. This must be done also for profile/clubs default covers: Hope to see this in 4.4. Thanks.
  21. Will be lazy load also implemented for YouTube embeds? This topic is a live illustration why this is important. It would be awesome to load just thumbnail instead of player and to load player only when thumbnail clicked.
  22. Is there any plans to introduce reCAPTCHA v3 in near future? It designed to use in more places rather than just registration and anonymous commenting. Hope to see this soon in IPS at least on registration, sign-in and commenting (not only anonymous, but also registered group-based) forms. Thank you.
  23. No. "Invisible reCAPTCHA" is one of forms of reCAPTCHA 2. reCAPTCHA 3 has some more advanced features compared to v2.
  24. But this is the way how people use it. So we should look not only from perspective "how it was intended initially" but also take into consideration actual behavior of users, how they use it in fact. Thank you, that's what we waited for
×
×
  • Create New...