[Forum & Web] more Security

[TheBj03rn]

Suggestion Name: [Forum & Web] more Security

Suggestion Description:

A Two Factor Auth (via QR code or text message (sms) can be left optional query every 30 days) to the acount to protect safety.
As with WordPress or the new Steam Guard Mobile Authenticator.

 

Your account is currently protected by the two-step authentication. If this is activated, you need to log in to WordPress.com (ets2mp.com) in addition to your username and password a SMS sent, unique access code.

 

Backup codes
With backup codes, you can access your account, your smartphone should be lost, stolen or accidently end up in the washing machine and no longer save with the Reist Rick.
 

Any example images: Steam Guard Mobile Authenticator, sms (german)
Why should it be added?:

Security against the NSA (Chancellor Angela Merkel, Germany)
No fun, more safety should be important to each of registered users.

[Guest]

Okay our datas are important, but not as important as those we have in Steam, this can be activated but to me it's useless in a forum like that.

What can we risk,

- somebody gets our mail/password, maybe I'm the only one but my email here is my junk email (I go on it just to delete all the mails, without reading them), and for the pass it's the same, a pass that I use only on low security websites.

- Getting banned because of a troll, we can make a ban appeal and explain the situation, admins are not monsters they can understand and unban the victim.

 

To me it's a -1

[sgpch1983]

big -1 not everyone can recive sms.. i for example have (becouse of low money and nsa) no mobil/smart phone! i also have no social media accounts besides twitter and youtube (no i dont have a g+ account!!).

[Unkeyboardinated]

Like others said what happens if you dont recieve SMS messages, then what?

[TheBj03rn]

Like others said what happens if you dont recieve SMS messages, then what?

 

Contact with the Sim card provider, the phone manufacturer or the ets2mp team.

And when it does not work, you can turn off this option so for safety, it is optinal for users who want more security.

[sgpch1983]

ohhh.. so you want it as optional.. than i dont care.. what ever.. i leave this disabled.

[_J-M]

What would the "Hacker" steal from ETS2MP?

 

There's no credit card register. We don't have any personal information registered into our system about you. So I don't see the point of making that kind of system that would take a lot of hours for not being that useful. Also we can't even decrypt the password of anyone from the database. (Possible but would take monthsss) 

[Guest]

2 factor might be something we'll consider for the next major iteration of the site and mod. but as it stands, it's a no.

[KrazyMudkip]

-1

 

From me for the pure reason of receiving SMS's in the Highlands in the middle of nowhere is always an issue.

So a big No No from me

Also, There isn't really anything important to collect if a hacker got into your account.

No credit card details

No anything

[Guest]

We will consider it, it'll be an implementation of TOTP with email as fallback. SMS Will Never happen(at least not uless the project wins the jackpot in the lottery )

[Guest]

I think this will be declined for now, architecturally it's going to be tricky and unnecessary amount of work with little-to-no gain.