2FA Security

[HipKat]

Recently, my account on another forum was accessed and the Admin there recommended I take advantage of the 2FA option that (I didn't know) they have enabled for that site. With this kind've thing becoming more and more of an issue online, have you ever considered adding it here?

[jc856]

13 hours ago, HipKat said:

Recently, my account on another forum was accessed and the Admin there recommended I take advantage of the 2FA option that (I didn't know) they have enabled for that site. With this kind've thing becoming more and more of an issue online, have you ever considered adding it here?

By accessed, do you mean hacked? And if hacked, it was from outside the site?

[Woody]

If someone wants to go through the trouble of hacking my Range account they can have it. 

 

[HipKat]

13 hours ago, jc856 said:

By accessed, do you mean hacked? And if hacked, it was from outside the site?

Yeah, it was originated in India.. Site admins really did a lot of digging to find out when and where it was accessed.  My Lifelock account alerted me to the breach, originally. The problem with this - and probably wouldn't be here - is that it's a gaming site and people, me included, have links to our Discord, Steam, YouTube, Origin, etc sites, which the attacker can use to access those as well and some of those have payment info on them. In my case, it was YouTube he tried to get access to and I pay for YT Red to eliminate ads and unlock YT Original Content.

[Woody]

4 hours ago, HipKat said:

Yeah, it was originated in India.. Site admins really did a lot of digging to find out when and where it was accessed.  My Lifelock account alerted me to the breach, originally. The problem with this - and probably wouldn't be here - is that it's a gaming site and people, me included, have links to our Discord, Steam, YouTube, Origin, etc sites, which the attacker can use to access those as well and some of those have payment info on them. In my case, it was YouTube he tried to get access to and I pay for YT Red to eliminate ads and unlock YT Original Content.

I went through some similar crap with my Playstation account.  Some jackass from Riyadh attempted to get into my account like fifty times.  My phone blew up because I had 2FA enabled on that. My opinion is, when money is involved, definitely use 2FA.  But for small time sites like the Range, I wouldn't worry about it.  Money doesn't change hands here and I don't think any of us store sensitive information here outside of maybe an e-mail address.  All I do is make sure that I use a unique password on this site, so that it can't be used elsewhere should it get compromised.  

 

[jc856]

My password is “password”. Not many people use that one.

[Woody]

Unique as in my Range account and Paypal account don't have the same password.  That's what gets most people in trouble, using the same password for every account they have. 

 

[LiterateStylish]

On 8/15/2020 at 7:11 AM, HipKat said:

Recently, my account on another forum was accessed and the Admin there recommended I take advantage of the 2FA option that (I didn't know) they have enabled for that site. With this kind've thing becoming more and more of an issue online, have you ever considered adding it here?

We have the functionality, just never turned it off.

Figured most people would be confused.

[HipKat]

1 hour ago, LiterateStylish said:We have the functionality, just never turned it off.

Figured most people would be confused.

When I wrote this I have never used it before but now I have a couple of different places and TBH, it doesn’t really seem like it’s really necessary. It’s really kind of a pain in the ass when you have to log back into a site and then pull up the app to get your code