Two Factor Authentication

[ped]

Hi guys

 

Just a heads up - I am going to enable two factor authentication as an option (but a strongly suggested one) for all members in the next few weeks. It is already mandatory for Admin, and will be rolled out with the Mod team soon as well.

 

If you're not familiar, it'll mean that you'll need to carry out a second step when logging in (or carrying out any of the actions below) by one of two methods - either entering the answers to three security questions which you can set up yourself, or by using Google Authenticator which generates a code for you to enter on BC. If you're on Safari/MacOS you can also use the in built 2FA setting and use your fingerprint or Face ID (Windows may have an equivalent, not sure)

 

Rest assured it's easy and helps secure your account which is becoming increasingly important. 

 

• 2FA is required when:
• Changing email address - The user will also need to re-enter their password.
• Logging into the front-end from a new device
• Managing Authorized Devices
• Logging into AdminCP
• Updating two-factor authentication setup, changing the online status visibility, requesting PII data or account deletion.
• Changing password
• Logging into the front-end from a known device - This does not apply if the user is logged in automatically because they have used the Remember Me checkbox.
• Managing alternative contacts
• Viewing, withdrawing or topping up account credit
• Managing PayPal Subscriptions
• Managing stored cards
• Editing personal billing information
• Managing addresses

 

Any questions or concerns just let me know!

 

Cheers

Chris

[neepheid]

I just tried to do the Google Authenticate and there's a blank space where I guess a QR code should be...

 

Chrome browser on Windows FWIW.  Tried to open the image in a new tab and got a 404 error, if that helps track down what's going on...

[neepheid]

Works fine with the code though 💪

[ped]

Thanks, yeah that happened to me on another site. You get a box with a question mark in it? I wondered if it was due to my AdGuard plug-in but perhaps not. Thanks for reporting

[neepheid]

 

That's how it looks here.  Disabled uBlock Origin (adblocker) and tested again, same result.

[ped]

Apparently Invision (who make this software) are aware of the issue and looking into it. Not holding my breath but if people want to use the code method for the time being that’s fine. 

[Dad3353]

There's absolutely no chance of me using any of this bar-code stuff; I hardly know how to turn my 'phone thingy on. I was obliged to acquire one when my bank started using sms stuff for validation; I've managed, so far, to use it for that every couple of weeks or so, but I have no other use for it between its weekly charge-up. If there's an alternative, I'll see what I can cope with, but it'd better be darned easy..! 

[ped]

Totally optional

[pete.young]

I had the same as @neepheid with no QR code - Firefox on MacOs. Code works fine.

[ped]

Maybe they’ll fix it in the next update, I’ll continue to pester them

[Chienmortbb]

Fine with 2FA but Google....nah. They are the Evil Empire. Will try the other way.

[tauzero]

Does it have to be Google Authenticator? Not another 2FA app such as Authy?

[ped]

6 hours ago, tauzero said:

Does it have to be Google Authenticator? Not another 2FA app such as Authy?

Authy has been depreciated on this software now for some reason - the only option other than Google or Security Questions is Verfiy, a paid, text based service which will take some setting up. I’ll look into it later 👍🏼

[Chienmortbb]

I just don’t trust Google. I avoid them as much as possible.