Jump to content

MULTI FACTOR AUTHENTICATION !!

Coffee Pancake

By Coffee Pancake,
in General Discussion Forum

 Share
You are about to reply to a thread that has been inactive for 951 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Jaylinbridges

Jaylinbridges

Posted
Posted

I stay qualified by calling my answering machine on my Google Voice number, and leaving a message that you have just won a free Hawaiian vacation and $5000 spending money.  I list the callback number as my smartphone.  Warning, there are catches to that deal - I think it's a scam.

 

Link to comment
Share on other sites
  • Replies 141
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Coffee Pancake
Coffee Pancake
Kimmi Zehetbauer
Kimmi Zehetbauer

At least it's opt-in --- especially for the 34 of us that don't have smart phones.

Chris Corvinus
Chris Corvinus

Only humans complain about something that’s optional. It’s why aliens won’t visit us.

Posted Images

Pixie Kobichenko

Pixie Kobichenko

Posted
Posted
11 minutes ago, Silent Mistwalker said:

Been there done that. Who am I going to call? There is no one for me to call. You have to make at least one phone call per month. I doubt they will let me get it back even though I was going through health issues.

I don't pay for the home phone. 

(If it were t come down to it- time & temp!)  Orrrrr: ….. yes these are really real- imma nerd so I’ve called them in the past….

D7C60ADF-B5E7-438D-B082-EC998F90302B.jpeg

067F11B2-6271-4B02-838A-EA93BB41ECA3.jpeg

Link to comment
Share on other sites
Coffee Pancake

Coffee Pancake

Posted
  • Author
Posted
1 hour ago, Silent Mistwalker said:

What I'd like to know is where am I supposed to get the money to buy a phone with in the first place? I have a home phone. That's all I can afford.

I get that completely, wasn't that long ago I was picking between buying ramen for a week and paying rent, my whole life fit in two suitcases (that I didn't own).

People upgrade cell phones & tablets all the time, the old ones just end up in a drawer12.

Older Apple are nicer, but they come with a huge caveat that you might not be able to install software from the app store you don't already have a license for if the phones OS is no longer supported. Android based (Inc Amazon) don't tend to have this problem.

You don't need a smart phone to be a phone, just hang it off your home wifi and everything will just work (it will still be able to make emergency calls). Older Android don't tend to hold their value either. A hand me down device is perfectly fine for this use case.

  • Haha 1
Link to comment
Share on other sites
Vihmakass

Vihmakass

Posted
Posted

In mine country you can do nothing with that authentication, even at work if there is very secure data.

We dont use MS stuff bc it isnt safe. We use digital ID or Smart ID or Mobile ID. Even banks ask them.

Messing with camera and scanning codes ..... it is so annoying and makes life complicated if your mobile gets lost or broke.

Digital ID works everywhere without any installing from MS / what already is unsecure/and  every session is unique.

  • Haha 3
Link to comment
Share on other sites
Solar Legion

Solar Legion

Posted
Posted (edited)
9 minutes ago, Vihmakass said:

In mine country you can do nothing with that authentication, even at work if there is very secure data.

We dont use MS stuff bc it isnt safe. We use digital ID or Smart ID or Mobile ID. Even banks ask them.

Messing with camera and scanning codes ..... it is so annoying and makes life complicated if your mobile gets lost or broke.

Digital ID works everywhere without any installing from MS / what already is unsecure/and  every session is unique.

Oh for ....

2FA/MFA has incredibly little to do with Microsoft - they are just one of many software side avenues to get a 2FA/MFA application from.

All of that being quite beside the points some have been making here - both for and against.

ETA: If by some chance you were meaning text based 2FA, that's SMS or MMS.

Edited by Solar Legion
Link to comment
Share on other sites
Vihmakass

Vihmakass

Posted
Posted
6 minutes ago, Solar Legion said:

Oh for ....

2FA/MFA has incredibly little to do with Microsoft - they are just one of many software side avenues to get a 2FA/MFA application from.

All of that being quite beside the points some have been making here - both for and against.

"If you don't already have an authenticator app on your mobile device, install the authenticator app of your choice.

  • Most authenticator apps, like Microsoft Authenticator or Google Authenticator, are free and available in your device's app store, and are regularly kept up to date with automatic updates."
  • Thanks 2
  • Haha 2
Link to comment
Share on other sites
Istelathis

Istelathis

Posted
Posted

I don't think many people would feel comfortable with DigitalID, at least from what I understand of it.  There was a thread here earlier regarding having people's real ID linked to their SL account, and it was not popular.  With mfa, there is no need to link your real ID with SL.  No real need for a mobile device, really.  I tried it using WinAuth on Windows 10 and it ran fine, you just need to decode the QR code and put it in your favorite authenticator app, and it should work fine.  

 

Link to comment
Share on other sites
Solar Legion

Solar Legion

Posted
Posted
Just now, Vihmakass said:

"If you don't already have an authenticator app on your mobile device, install the authenticator app of your choice.

  • Most authenticator apps, like Microsoft Authenticator or Google Authenticator, are free and available in your device's app store, and are regularly kept up to date with automatic updates."

And? Two, rather common place suggestions for Authenticator applications. Nothing more than that.

So again,

Quote

2FA/MFA has incredibly little to do with Microsoft - they are just one of many software side avenues to get a 2FA/MFA application from.

All you've listed are alternative application "solutions" - all of which are downloaded.

Link to comment
Share on other sites
Vihmakass

Vihmakass

Posted
Posted (edited)

I bet you dont know what digital ID is. It is given to me by our goverment, not by MS or other company.

Thru it i get all what is needed. It is legal official passport, just in digital form.

We even vote with it online. So it can allow me be anonymous too still verify me.

Edited by Vihmakass
  • Haha 2
Link to comment
Share on other sites
Solar Legion

Solar Legion

Posted
Posted (edited)
10 minutes ago, Vihmakass said:

I bet you dont know what digital ID is. It is given to me by our goverment, not by MS or other company.

Thru it i get all what is needed. It is legal official passport, just in digital form.

We even vote with it online.

And? SmartIDMobileID.

They're application based authenticators - tied to a form of government ID (an incredibly foolish idea).

Your country as a whole does not use 2FA/MFA but instead uses the above applications or similar? Congratulations - they're fooling themselves into thinking their method is any more secure than existing authentication.

That said, not much use going around and around on this one - Linden Lab took the road they took. Including going about implementation that is backwards (securing individual sections/leaving certain ones at risk).

And as another poster has mentioned: This entire thread could be skimmed by someone unsavory that is looking for targets/loopholes.

Congratulations to a few that went and pointed them out - here and elsewhere. Cat's out of the bag there now isn't it?

Edited by Solar Legion
Link to comment
Share on other sites
Vihmakass

Vihmakass

Posted
Posted (edited)
9 minutes ago, Solar Legion said:

And? SmartIDMobileID.

They're application based authenticators - tied to a form of government ID (an incredibly foolish idea).

Your country as a whole does not use 2FA/MFA but instead uses the above applications or similar? Congratulations - they're fooling themselves into thinking their method is any more secure than existing authentication.

Nope they doesnt form digital ID FROM those applications. Digital ID is completely dif thing

And yes you can tie SmartID and mobile ID with it but not vice versa. I can tie many things with it but aplications what i tie doesnt get mine personal data like you think.

Edited by Vihmakass
  • Haha 2
Link to comment
Share on other sites
LittleMe Jewell

LittleMe Jewell

Posted
Posted

These are the current problems that I see - not sure if LL considers them issues or not, so will open a JIRA to confirm.

I can close the tab; leave it closed for a bit; open a new tab; go back to my Dashboard and I can still get to all financial pages without needing a new token.  

I can leave the tab open all night and on the next day the token has not expired and I can still get to all financial pages.

No token required to Buy L$ or to get to my LindeX Order History.

Link to comment
Share on other sites
Buttacwup Float

Buttacwup Float

Posted
Posted
7 minutes ago, LittleMe Jewell said:

These are the current problems that I see - not sure if LL considers them issues or not, so will open a JIRA to confirm.

I can close the tab; leave it closed for a bit; open a new tab; go back to my Dashboard and I can still get to all financial pages without needing a new token.  

I can leave the tab open all night and on the next day the token has not expired and I can still get to all financial pages.

No token required to Buy L$ or to get to my LindeX Order History.

I have noticed the same thing. The current authentication time out is way too long and does not apply adequately to enough pages. If you can get a session that's open it seems that you can even change your password without having to confirm through your token. I am planning to add Jira as well.

Link to comment
Share on other sites
Kimmi Zehetbauer

Kimmi Zehetbauer

Posted
Posted
1 hour ago, Iggy UwU said:

this should have been added way sooner. i am kind of glad they did this as an option if you want to secure your account more.

At least it's an option. For the casual SLer --- the current tried and true way of logging in will suffice. For those who merchant and run stores and such, this will help secure their things.

13 minutes ago, LittleMe Jewell said:

These are the current problems that I see - not sure if LL considers them issues or not, so will open a JIRA to confirm.

I can close the tab; leave it closed for a bit; open a new tab; go back to my Dashboard and I can still get to all financial pages without needing a new token.  

I can leave the tab open all night and on the next day the token has not expired and I can still get to all financial pages.

No token required to Buy L$ or to get to my LindeX Order History.

I think the bugs are still getting worked out.  Remember, we're guinea pigs as the developers really don't find out bugs until something is release to the masses.

  • Like 1
Link to comment
Share on other sites
Istelathis

Istelathis

Posted
Posted (edited)

Try to change your password and see if the token pops up, it does for me every time I open a new browser.  In fact, everything I have tried so far under the account listing on secondlife.com asks for the token for the first time upon opening the browser.  If I close out of the tab and go back, it will still open without asking for a token.  But if I close out of my browser and come back in, it will ask again.  I have my browser set to delete history, cookies, etc upon closing.

Edited by Istelathis
Link to comment
Share on other sites
LittleMe Jewell

LittleMe Jewell

Posted
Posted
4 minutes ago, Istelathis said:

Try to change your password and see if the token pops up, it does for me every time I open a new browser.  In fact, everything I have tried so far under the account listing on secondlife.com asks for the token for the first time upon opening the browser.  If I close out of the tab and go back, it will still open without asking for a token.  But if I close out of my browser and come back in, it will ask again.  I have my browser set to delete history, cookies, etc upon closing.

I never close my browsers unless I am rebooting my computer -- which only happens when Windows gets really pushy about installing an update.

 

Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 951 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...