(DENIED)
2015-02-19, 02:06 AM, (This post was last modified: 2015-02-20, 03:06 PM by HawkEye.)
#1
2FA (which stands for Two Factor Authentication) is a security feature which, when toggled on, will require the user to enter a verification code that is generated from an app (Google Authenticator/Authy) on the user's phone.

Such feature would greatly reduce account compromises(if not completely remove them) for those who have turned this feature on.

The only disadvantage to this would be that if a user changes his phone device but forgets to move 2FA to his new device (which is only possible by disabling it and re-enabling it), he'd probably have to contact a staff member (unless he's using Authy which backs up 2FA data to the cloud).

So if the usage of the Authy app was endorsed I don't think there would be any downsides to this (unless it uses too many server resources, which I'm unaware if it does).
Latest Thanks - View all

Ondeko(2017-10-19 03:58 PM) 

"The master has failed more times than the beginner has even tried"

My VIP Shares:
How to stop Chrome from blocking PPI installers
How to make advanced, custom messageboxes that match your theme in VB.

PM ME FOR A 99% OFF DISCOUNT ON HOSTWINDS
2015-02-19, 02:13 AM, (This post was last modified: 2015-02-19, 02:15 AM by BlackHatSEO.)
#2
At MyBB 1.8.4 the Two Factor Authentication is already implemented for the ACP (Admin Control Panel).

I think it's not needed for normal users. If you set a strong password and don't share your password, there is no risk of getting hacked. Personally it's the first hacking attempt I see since 2013.

Additionally I don't want to use Google Apps on my mobile devices (iPhone 6 plus, iPad Air 2), because Google is sniffing enough data about everybody.

This place is intentionally left blank.
2015-02-19, 02:20 AM,
#3
(2015-02-19, 02:13 AM)BlackHatSEO Wrote: At MyBB 1.8.4 the Two Factor Authentication is already implemented for the ACP (Admin Control Panel).

I think it's not needed for normal users. If you set a strong password and don't share your password, there is no risk of getting h@cked. Personally it's the first hacking attempt I see since 2013.

Additionally I don't want to use Google Apps on my mobile devices (iPhone 6 plus, iPad Air 2), because Google is sniffing enough data about everybody.

If a user's computer is compromised, then his password can be exposed no matter how secure it is.
By hacking I'm not referring to server-sided hacks, but individual compromises where the user is usually at fault (viruses, etc).
While your second point is true, there are many apps that allow you to use 2FA (besides Google Authenticator).

"The master has failed more times than the beginner has even tried"

My VIP Shares:
How to stop Chrome from blocking PPI installers
How to make advanced, custom messageboxes that match your theme in VB.

PM ME FOR A 99% OFF DISCOUNT ON HOSTWINDS
2015-02-19, 02:32 AM, (This post was last modified: 2015-02-19, 02:33 AM by BlackHatSEO.)
#4
(2015-02-19, 02:20 AM)Nightcore Wrote: If a user's computer is compromised, then his password can be exposed no matter how secure it is.
By hacking I'm not referring to server-sided h@cks, but individual compromises where the user is usually at fault (viruses, etc).

You're right, but everybody should take care of the protection of his computer by himself.

The cost for a single license of an anti-virus and security software is not that high. CPAElites users do run their own businesses, so everybody should have these US$ 20 or less for a single license. Even newbies can invest that little amount. There are even freeware solutions available. And Windows 8/8.1/7/Vista is installed with a default protection already.

I'm sorry, but it's not the job of CPAElites to care about inexperienced users. There are other tasks that have a higher priority. I would consider the 2FA as additional barricade.

Personally none of my machines has ever been hacked, going back 15 years and more.

But anyways it's a decision of Hawk and Verilog, of course.

This place is intentionally left blank.
2015-02-19, 06:32 PM,
#5
Very well explained BlackHatSEO, this can't be added.
Thanks for the suggestion though.


Possibly Related Threads...
Thread Author Replies Views Last Post
  [DENIED] Stocks/Investment section? 4eller 1 396 2016-12-07, 10:47 PM
Last Post: HawkEye
  CPA Teamspeak? [DENIED] Harrington 2 1,152 2016-10-22, 03:33 PM
Last Post: HawkEye
  DENIED John. 17 1,099 2015-02-20, 02:55 PM
Last Post: HawkEye
  (DENIED) Links on awards Rational 4 413 2015-02-19, 06:25 PM
Last Post: Verilog
  (DENIED) [Suggestion] Image url while quoting using quote button. neverstop 7 603 2015-02-17, 10:44 PM
Last Post: Verilog





About Us | Contact Us | CPA Elites | Advertise | Stats | Staff Team

© 2013-2017 CPA Elites Ltd
Enhanced by MyBB and WallBB
Return to top