Jump to content

Recommended Posts

4 hours ago, Silent Mistwalker said:

Install yet another app just to be able to log in to SL? WTH?

Oh come on, don't be dramatic about it.  2FA/MFA is already security best practice for logging into websites where there is something of value to protect.  It is combining something you know (username + password) with something you have (a code generated on your device/PC only for example) which increases your security by magnitudes for just a small incovenience.  Pretty much any big name internet service already has it as an option.  You may not have encountered it before but millions of people out there are using it.

4 hours ago, Silent Mistwalker said:

Or can afford one.

Good job you don't need one for it then.

If done right, the code wouldn't be necessarily needed every time you login.  Different companies have different policies on this ranging from once a day to a week to a month or even only when something changes like a login from a new PC, password change or when you buy something with your credit card, etc.

Edited by Gabriele Graves
  • Like 2
  • Sad 1
Link to post
Share on other sites
  • Replies 197
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

That's okay. I have zero income too and I live on my own (I've talked about it in previous threads). I understand. I'm not saying it to just you, even though your post prompted my response. The

2FA is sorely needed and I'm very glad to hear it is in the works. My hope is that one of the options will be software 2FA (such as Google authenticator app or other similar option) or even better lin

A major thing I learned over decades working on cybersecurity as a systems and network admin...  If you want your users to buy in to your security policy, you make compliance with it the easiest way t

7 minutes ago, Gabriele Graves said:

Oh come on, don't be dramatic about it. 

If done right, the code wouldn't be necessarily needed every time you login. 

quite some people use mutltiple accounts, for many reasons . Normally every change asks for a new code ... fun.
And.. again people have to give access to more personal details.. .. also fun.

  • Like 1
Link to post
Share on other sites
1 minute ago, Alwin Alcott said:

quite some people use mutltiple accounts, for many reasons . Normally every change asks for a new code ... fun.
And.. again people have to give access to more personal details.. .. also fun.

I use several services with different policies and none of them require this every time.  Google has an option for 30 days on the same device/PC for example.  People with that many multiple accounts wouldn't turn it on would they?  Maybe they only turn it on for their main who brings in L$ and uses the credit card and distributes L$ to their alts?  There are options.

I don't know you mean about access to more personal details.  2FA does not require any additional personal details from anyone.  I would be very against it if that were the case as I am a big privacy advocate.

The vibe from those objecting on this topic is starting to sound like "I don't think LL should allow Paypal because I don't want to use it, even though it is optional!!!" That would be just as ridiculous a position to take.

2FA would be optional unless LL are really clueless about doing it.
 

  • Haha 1
Link to post
Share on other sites
1 hour ago, Gabriele Graves said:

I don't know you mean about access to more personal details.  2FA does not require any additional personal details from anyone.  I would be very against it if that were the case as I am a big privacy advocate.

they get your phone number or device details, together with google, facebook or other "needed" social media things the tracking get more easy, if they don't now, they will tomorrow... another earning model for LL... sell more data

Edited by Alwin Alcott
  • Haha 1
Link to post
Share on other sites
2 minutes ago, Alwin Alcott said:

they get your phone number or device details, together with google, facebook or other "needed" social media things the tracking get more easy, if they don't now, they will tomorrow... another earning model for LL... sell more data

Nope, none of that is necessary with 2FA if done with an authenticator.  No sharing phone numbers and no details about your device/PC are sent anywhere.

Edited by Gabriele Graves
  • Like 1
Link to post
Share on other sites
1 hour ago, bigmoe Whitfield said:

walmart has trakphones which are smart phones for 15 dollars usd.  

Some just don't care about them.There about 16 people around that are smart phone free or just have a flip phone, like we do.  It's used for it's intended purpose --- talking.

Link to post
Share on other sites
1 hour ago, Gabriele Graves said:

2FA would be optional unless LL are really clueless about doing it.

Famous last words.  2FA would have to be optional or several accounts I use would need to quit SL.  This is not a simple issue when you consider the exceptions based on disability, travel (computers/offices in different states), and simply helping a partner out of an impossible technical situation.   I am already thinking of the workarounds needed if they make it mandatory.

Most of my financial RL accounts have 2FA and are NOT optional, btw.  If the batteries on my smartphone have run down, I need to wait long enough for the batteries to charge up to access the wireless network.  Pain in the azz, when I live home alone with an already strong password, and need to login quickly.  Impossible if I have my accounts installed on several computers at different locations.

 

 

Edited by Jaylinbridges
  • Like 2
Link to post
Share on other sites
3 minutes ago, Jaylinbridges said:

Famous last words.  2FA would have to be optional or several accounts I use would need to quit SL.  This is not a simple issue when you consider the exceptions based on disability, travel (computers/offices in different states), and simply helping a partner out of an impossible technical situation.   I am already thinking of the workarounds needed if they make it mandatory.

Most of my financial RL accounts have 2FA and are NOT optional, btw.  If the batteries on my smartphone have run down, I need to wait long enough for the batteries to charge up to access the wireless network.  Pain in the azz, when I live home alone with an already strong password, and need to login quickly.  Impossible if I have my accounts installed on several computers at different locations.

If it became mandatory, I'd be done with SL completely.

As for RL financial stuff --- I recently encountered an ATM at my own bank that started 2FA to get your cash on top of entering on the machine itself. I ended up calling the bank and told them and I don't use a smart phone. They said "Sorry, that is our new policy to protect our customers and if you don't have a phone, we have a partner carrier that can set you up." I ended up leaving that bank after a long time.

  • Like 1
  • Sad 1
Link to post
Share on other sites
10 minutes ago, Jaylinbridges said:

Famous last words.  2FA would have to be optional or several accounts I use would need to quit SL.  This is not a simple issue when you consider the exceptions based on disability, travel (computers/offices in different states), and simply helping a partner out of an impossible technical situation.   I am already thinking of the workarounds needed if they make it mandatory.

Most of my financial RL accounts have 2FA and are NOT optional, btw.  If the batteries on my smartphone have run down, I need to wait long enough for the batteries to charge up to access the wireless network.  Pain in the azz, when I live home alone with an already strong password, and need to login quickly.  Impossible if I have my accounts installed on several computers at different locations.

Not one of the services I use have mandatory 2FA nor do they require a cell phone - so counterpoint.  I guess you have to choose your services wisely.  LL could pull any number of very unwise stunts and cause thousands of people to leave but would they really kill the golden goose this way?  I am sceptical but if they did I could understand people not being happy about it but really if you think they would then surely it is only a matter of time before they ruin SL for you anyway?

Edited by Gabriele Graves
Link to post
Share on other sites
9 minutes ago, Kimmi Zehetbauer said:

If it became mandatory, I'd be done with SL completely.

As for RL financial stuff --- I recently encountered an ATM at my own bank that started 2FA to get your cash on top of entering on the machine itself. I ended up calling the bank and told them and I don't use a smart phone. They said "Sorry, that is our new policy to protect our customers and if you don't have a phone, we have a partner carrier that can set you up." I ended up leaving that bank after a long time.

well account security is on you and you alone than.  Have a good day :)

Link to post
Share on other sites
6 minutes ago, Gabriele Graves said:

Not one of the services I use have mandatory 2FA nor do they require a cell phone - so counterpoint.  I guess you have to choose your services wisely. 

don't overstep your points... it's getting a little overdone now.
I have several official services i NEED to participate in, and they only allow codes by phone or phone app. There is no way around it.

And aboutleaving SL  for changes?... that happened all the years with big impact changes by LL. This could be just another one, could ask if that's wise in a already declining userbase, because what they seem to want .. a shiny perect virtual world... isn't going to happen anymore. And together with the fee rise... bad ideas.

  • Like 1
Link to post
Share on other sites
1 minute ago, Alwin Alcott said:

don't overstep your points... it's getting a little overdone now.
I have several official services i NEED to participate in, and they only allow codes by phone or phone app. There is no way around it.

Too many things are depending on the phone.

  • Like 1
Link to post
Share on other sites
1 minute ago, Love Zhaoying said:

Any good 2FA options without phone? Email + click a link in it?

Many mboards do that and it's been an option for most forum software since when the dinosaurs roamed the planet. But many services don't do that option any more or if they do, still require the phone, like my old bank I fired.

  • Like 1
Link to post
Share on other sites
31 minutes ago, Gabriele Graves said:

Not one of the services I use have mandatory 2FA nor do they require a cell phone - so counterpoint. 

Think I am doing business with 3 or 4 companies actively right now that ask for 2FA on occasion (mostly professional services, doctors etc.). Microsoft used to (programmer stuff) but it got wayyy too annoying since it asked me every. darn. time. for the SMS code, etc.

Link to post
Share on other sites
33 minutes ago, Love Zhaoying said:

Idea for new 2FA: user must lookup chapter and verse from a King James (modern, English) Bible. 

"lookup"? That's cheating, heathen! You should have it memorized. It's where I get all my passwords.

  • Haha 1
Link to post
Share on other sites
1 hour ago, Alwin Alcott said:

don't overstep your points... it's getting a little overdone now.

Thank you for your opinion, duly noted and ignored.  🙄

1 hour ago, Alwin Alcott said:

I have several official services i NEED to participate in, and they only allow codes by phone or phone app. There is no way around it.

It's unfortunate that those services aren't better at security or privacy because that is what it boils down to and that does suck.

1 hour ago, Alwin Alcott said:

And aboutleaving SL  for changes?... that happened all the years with big impact changes by LL. This could be just another one, could ask if that's wise in a already declining userbase, because what they seem to want .. a shiny perect virtual world... isn't going to happen anymore. And together with the fee rise... bad ideas.

Like I said, if LL are intent an making a huge misstep and alienating the userbase then there is nothing you or I can do about and discussing the merits of 2FA when done properly here, isn't going to make any difference nor is it a 2FA problem.

Link to post
Share on other sites
49 minutes ago, Love Zhaoying said:

Think I am doing business with 3 or 4 companies actively right now that ask for 2FA on occasion (mostly professional services, doctors etc.). Microsoft used to (programmer stuff) but it got wayyy too annoying since it asked me every. darn. time. for the SMS code, etc.

Isn't anecdotal data fantastic?  It literally proves nothing.  😁

  • Like 1
Link to post
Share on other sites

still am amazed,  in this day and age with all these companies out there, adobe, ect, having these leaks and passwords and account names and password floating about, that one would want to secure their accounts so they would not lose them or lose the ability to access them.   what disconnect am I missing here?

  • Like 6
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...