Posts posted by CoffeeCake

  1. 3 minutes ago, Ocean West said:

    Yea that is odd I would expect these to be one way encrypted just like the password is. 

    I can see a use case for some organizations where this exchange may happen over the phone and that the answers (depending on the questions) may be such where visual inspection of the provided answers could be a part of what happens for identity validation.

    That said though, I think it's important that accessing those answers be considered a heightened privilege event. The option should exist to require the administrator to reauthenticate along with their own 2FA if configured as such, and should record an audit trail that the information was accessed by the administrator at said date and time.

    We place trust in those we give privileged access to, however we should be able to verify that those responsibilities are not being abused by the individuals themselves or by a compromise affecting that individual's accounts.

  2. 4 minutes ago, Ocean West said:

    Thanks 🙏 - I totally missed this option, now enabled it and have added a bunch of questions.

    The not wonderful thing about this option is that these answers are viewable in ACP with no auditing of who is viewing them. This is terrible from a security perspective.

    Be careful who has access to view and edit two-factor authentication in member profiles in ACP. I'd recommend turning this off for all administrator groups including your own.
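
The control discussed in the two posts above (re-authentication plus 2FA before an administrator can view a member's security answers, with every access recorded) can be sketched as below. This is an added example, not Invision Community code and not part of the original posts; the function and field names, the sample data and the 300-second window are assumptions, and the hash-chained log goes a step beyond the posts to make the audit trail tamper-evident.

```python
import hashlib
import json
import time

REAUTH_WINDOW = 300  # assumed policy: seconds a password + 2FA re-check stays valid


class AuditLog:
    """Append-only log; each entry commits to the previous entry's hash."""

    def __init__(self):
        self.entries = []
        self._prev = "0" * 64

    def record(self, **event):
        body = json.dumps(event, sort_keys=True)
        digest = hashlib.sha256((self._prev + body).encode()).hexdigest()
        self.entries.append({"event": event, "prev": self._prev, "hash": digest})
        self._prev = digest  # export this head hash off-box so rewrites are detectable

    def verify(self):
        """Return False if any entry was edited, removed or reordered."""
        prev = "0" * 64
        for e in self.entries:
            body = json.dumps(e["event"], sort_keys=True)
            expect = hashlib.sha256((prev + body).encode()).hexdigest()
            if e["prev"] != prev or e["hash"] != expect:
                return False
            prev = e["hash"]
        return True


def view_security_answers(admin, member_id, store, log, now=None):
    """Release answers only after a fresh re-auth with 2FA; log every attempt."""
    now = time.time() if now is None else now
    reauth_at = admin.get("reauth_at")
    fresh = reauth_at is not None and 0 <= now - reauth_at <= REAUTH_WINDOW
    allowed = bool(fresh and admin.get("mfa_verified"))
    # Denied attempts are logged too: they are what a reviewer looks for.
    log.record(ts=now, admin=admin["name"], member=member_id,
               action="view_security_answers",
               outcome="granted" if allowed else "denied")
    if not allowed:
        raise PermissionError("re-authentication with 2FA required")
    return store[member_id]


if __name__ == "__main__":
    log = AuditLog()
    store = {42: ["constructed sample answer"]}  # constructed data
    admin = {"name": "admin1", "reauth_at": time.time(), "mfa_verified": True}
    print(view_security_answers(admin, 42, store, log), log.verify())
```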

  3. 9 minutes ago, Ocean West said:

    probably plus the cost for the standard sms which is like .0075¢ possibly more depending on carrier / country

     

     

    Oh yes! I'm not sure if Authy lets you disable certain methods to take away that part of the cost (it looks like voice/SMS isn't an option for the free plan). 

  4. It depends entirely on how many authentications you have in your community. Are you requiring everyone to use 2FA? Offering it to everyone? Just privileged accounts? Then, if you exceed their starter plan of 100 auths per month (or want SMS/Voice support), you pay 9 cents for each successful auth.

    If 100 users log in once successfully with Authy in a month, you'd pay 9 cents * 100, or $9 (+ tax?).

    To get an idea for its usage, you might consider inviting a representative group of members who would be willing to test this out for you and opening up Authy to that member group only. You can then take a look at costs/number of authentications per month from your beta group (and get some feedback on user acceptance, etc.) and then do some math to estimate what it would look like if X times more members used the system.

  5. IPS Cloud hosting may be a good idea if you don't want to be involved in this way with the administration of your server.

    That said, you can learn about MySQL OPTIMIZE TABLE here:

    https://dev.mysql.com/doc/refman/8.0/en/optimize-table.html

    This is not something that IPS does for you (nor would you want it to).

    Other database maintenance statements are outlined here: https://dev.mysql.com/doc/refman/8.0/en/table-maintenance-statements.html

    You can find scheduled tasks by searching for "Tasks" in ACP.

  6. @PurplePixel, in other words, after the conversion is complete, background tasks will run starting with the newest post and moving to the oldest post. Things will look weird until this is finished, but you can examine the newest posts at the time of conversion to see what the output looks like and make sure your BB code is being converted properly. You can see running background tasks from the ACP dashboard.

    For our migration, we waited until a few months of posts had been processed before reopening the community to prevent confusion for members.

  7. @stoo2000 When going to apply the XSS patch, I noticed a "There are problems with your database" Fix it button:
     

    Find a solution
    
    There are some problems with your database. Normally it is safe to try to fix these problems automatically however if your community is large, you may want to run the necessary queries manually. If so, the queries to run are:
    ALTER TABLE `core_validating` ADD COLUMN `bouncer_force_email` TINYINT NOT NULL DEFAULT 0 COMMENT 'Forced email change?'
    ALTER TABLE `core_members` ADD COLUMN `bouncer_disabled` TINYINT NOT NULL DEFAULT 0 COMMENT 'Disable outgoing email?'
    ALTER TABLE `core_members` ADD COLUMN `bouncer_warning` TINYINT NOT NULL DEFAULT 0 COMMENT 'Warned about email failures?'
    ALTER TABLE `core_members` ADD COLUMN `bouncer_spam` TINYINT NOT NULL DEFAULT 0 COMMENT 'Disabled for marking as spam?'
