Jump to content

2FA when?

bigmoe Whitfield

By bigmoe Whitfield,
in Second Life Web

 Share
You are about to reply to a thread that has been inactive for 947 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

bigmoe Whitfield

bigmoe Whitfield

Posted
Posted

I'm not looking for arguments from other people on this,  it's getting to the point where I need everything I 2fa/3fa,  I work in a private sector that deals in certain items and we have several physical tokens to login with bio-metrics,  I'm used to level of security and SL is my only social outlet because of the hours I have to keep,  so I want every account I use to be super secure @Kristen Linden @Monty Linden any news on the progress?  

  • Thanks 1
  • Haha 1
Link to comment
Share on other sites
Ardy Lay

Ardy Lay

Posted
Posted
3 hours ago, bigmoe Whitfield said:

@Klytyna   whats so funny?  because I want and need the extra security in this day and age?  I'm not going to be accepting much less from any company soon,  2fa/3fa has to become a standard and used by every one even if they do not think they will ever need it.  

Klytyna gives free forum points!  Probably not the intent, but is the overall result.  Some people get upset about all the laughing.  Don't.  It's like they have cans and cans of laugh-track they are trying to purge.  A quick glance at their post history, which ended December 27, 2018, leads me to suspect "cat's got their tongue".  Will the "cat" ever give it back?  Unlikely.

  • Haha 1
Link to comment
Share on other sites
So Whimsy

So Whimsy

Posted
Posted
14 minutes ago, Sammy Huntsman said:

I honest want 2fa, so I can better protect my SL account. I do it with everything else and feel at ease with it. I want to be able to do it with my SL account too. 

Good for you, I don't. 14 years and 2 month make feel at ease without f2a e-mail spam.

  • Like 1
Link to comment
Share on other sites
Sammy Huntsman

Sammy Huntsman

Posted
Posted
1 minute ago, So Whimsy said:

Good for you, I don't. 14 years and 2 month make feel at ease without f2a e-mail spam.

I don't get F2A spam at all. Unless someone tries to login into my account. Hell I have it setup, where i also get a text letting me know that as well. I would rather that, than have someone gaining access to my account. 

Link to comment
Share on other sites
So Whimsy

So Whimsy

Posted
Posted
1 minute ago, Sammy Huntsman said:

I don't get F2A spam at all. Unless someone tries to login into my account. Hell I have it setup, where i also get a text letting me know that as well. I would rather that, than have someone gaining access to my account. 

The f2a I have been faced with in various MMORPG's always send me a mail with a code I need to provide upon log in. That's what I don't want and so far we don't know just how they will implement f2a, right?

  • Like 1
Link to comment
Share on other sites
bigmoe Whitfield

bigmoe Whitfield

Posted
  • Author
Posted
19 hours ago, So Whimsy said:

I really hope its opt-in.

you do realize at some point, you will have zero choices for opt-in, as it's becoming the norm and will be at some point either you use it, or you are not going to be able to use services,  I wish people would stop trying to fight security.

  • Haha 2
Link to comment
Share on other sites
Coffee Pancake

Coffee Pancake

Posted
Posted
19 hours ago, So Whimsy said:

The f2a I have been faced with in various MMORPG's always send me a mail with a code I need to provide upon log in. That's what I don't want and so far we don't know just how they will implement f2a, right?

Yeah, but an email sure beats the hell out of trying to log in one day and finding you can't because someone else has your account.

Just because you've not had your account compromised yet, doesn't mean it can't or won't happen.

 

Oh .. and you do use different strong passwords for everything, right?

  • Like 1
  • Haha 1
Link to comment
Share on other sites
So Whimsy

So Whimsy

Posted
Posted
1 hour ago, bigmoe Whitfield said:

you do realize at some point, you will have zero choices for opt-in, as it's becoming the norm and will be at some point either you use it, or you are not going to be able to use services,  I wish people would stop trying to fight security.

If it's not opt-in or opt-out I'll find myself logging into SL less just like with those MMO's, some of which I even de-installed because it was annoying as heck.

1 hour ago, Coffee Pancake said:

Oh .. and you do use different strong passwords for everything, right?

Absolutely.

  • Like 1
Link to comment
Share on other sites
sirhc DeSantis

sirhc DeSantis

Posted
Posted
On 8/18/2021 at 4:21 PM, bigmoe Whitfield said:

you do realize at some point, you will have zero choices for opt-in, as it's becoming the norm and will be at some point either you use it, or you are not going to be able to use services,  I wish people would stop trying to fight security.

Which services would those be then? You already hinted you are in some sort of private sector hive that is all security all the time - so tell me. Which 'services' that you and your corporate provide will they be?

As always, response to this is - 'opt in yeah whatever. obligatory well now - show me how its going to be done. all of it. including all actors. all of them with traceable paths =^^='

  • Thanks 1
Link to comment
Share on other sites
bigmoe Whitfield

bigmoe Whitfield

Posted
  • Author
Posted
5 hours ago, sirhc DeSantis said:

Which services would those be then? You already hinted you are in some sort of private sector hive that is all security all the time - so tell me. Which 'services' that you and your corporate provide will they be?

As always, response to this is - 'opt in yeah whatever. obligatory well now - show me how its going to be done. all of it. including all actors. all of them with traceable paths =^^='

we use a 2fa/3fa combination currently,  these are self rolled with google auth behind them,  that's all I'm legally allowed to say, several federal level nda's on my butt here.

  • Haha 1
Link to comment
Share on other sites
Luke Rowley

Luke Rowley

Posted
Posted

Well, also, it's not because you have a strong password that someone can't get it. If for some reasons you get a keylogger on your computer and the person get your password, it can be strong as hell, it won't make a difference and that's where 2fa is super useful. I'm waiting for it too. 

Link to comment
Share on other sites
  • 1 month later...
mygoditsfullofstars

mygoditsfullofstars

Posted
Posted
42 minutes ago, Alwin Alcott said:

it's not even possible to delete your account by that button :)  just close the access.

It deactivates the account at first and involves having to engage LL support to try and get it back.. That page should be blocked by 2FA regardless. Say someone malicious manages to steal the current password to an account, then out of spite because they cant change the password or do other things to it, they delete the account. Then the legit owner of the account has to then go through all the hassle with support to try and get their account back (even worse, if its left deactivated long enough, the accounts inventory will be purged)... Easier and better to just protect that page to save someone having to go through the hassle.

I was surprised on how LL implemented this actually, I would have thought they would just prevent account login entirely without 2FA, rather than just protect a subset of functions after logging in.

  • Haha 1
Link to comment
Share on other sites
Solar Legion

Solar Legion

Posted
Posted
9 minutes ago, mygoditsfullofstars said:

I was surprised on how LL implemented this actually, I would have thought they would just prevent account login entirely without 2FA, rather than just protect a subset of functions after logging in.

Not surprised At All. And warned people that it would likely not be implemented properly - at a minimum.

  • Thanks 1
Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 947 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...