2 step verification required?

lAkjtzAZ0 · Aug 8, 2016

Skionz said:
It may have taken you 1 minute, but that doesn't mean everyone can do it that quickly.

Okay. Let's say it takes you 5 minutes to download the app, which would mean your internet is really really really bad. 5 minutes down. Open the app, open mcm, link everything and enter the code. Let's say that takes 2 minutes, and that's a long time for this. 7 minutes... it took 7 minutes to ensure your account is protected. Now every 30 days you have to open the app once, enter the 6 digit code which takes, eh, 30 seconds max? If that's too much time for people to protect themselves, people are fucking lazy and deserve to be hacked

Skionz · Aug 8, 2016

superpenetration said:
Okay. Let's say it takes you 5 minutes to download the app, which would mean your internet is really really really bad. 5 minutes down. Open the app, open mcm, link everything and enter the code. Let's say that takes 2 minutes, and that's a long time for this. 7 minutes... it took 7 minutes to ensure your account is protected. Now every 30 days you have to open the app once, enter the 6 digit code which takes, eh, 30 seconds max? If that's too much time for people to protect themselves, people are fucking lazy and deserve to be hacked

I used the email verification. I'm on vacation and have no access to a computer besides my phone. I was prompted for my password then it sent me an email with the code. I get the code and go back to the page to enter it. The only issue is my phone refreshes the page when you leave it and come back so it refreshed the page, the old code didn't work and it sent me a new code which I could not access without leaving the page because it would refresh. So I grab my other phone and login to my email account. Only issue is the mobile version sucks and I couldn't open any emails so I had to download the app. 10 minutes later I finally get into my email and enter the code. The whole process took over a half hour.

lAkjtzAZ0 · Aug 8, 2016

Skionz said:
I used the email verification. I'm on vacation and have no access to a computer besides my phone. I was prompted for my password then it sent me an email with the code. I get the code and go back to the page to enter it. The only issue is my phone refreshes the page when you leave it and come back so it refreshed the page, the old code didn't work and it sent me a new code which I could not access without leaving the page because it would refresh. So I grab my other phone and login to my email account. Only issue is the mobile version sucks and I couldn't open any emails so I had to download the app. 10 minutes later I finally get into my email and enter the code. The whole process took over a half hour.

Well that's one particular case. Most people on here don't solely browse mcm on their phone without access to a computer. Also, using google auth you could have left the app open and the code wouldn't have refreshed..

Skionz · Aug 8, 2016

superpenetration said:
Well that's one particular case. Most people on here don't solely browse mcm on their phone without access to a computer. Also, using google auth you could have left the app open and the code wouldn't have refreshed..

There are plenty of ways I could have done it, but it would have taken time to figure out. And time is what we are complaining about.

lAkjtzAZ0 · Aug 8, 2016

Skionz said:
There are plenty of ways I could have done it, but it would have taken time to figure out. And time is what we are complaining about.

Google auth, one way and a good way, would have taken no more than 5 minutes to figure everything out

Skionz · Aug 8, 2016

superpenetration said:
Google auth, one way and a good way, would have taken no more than 5 minutes to figure everything out

I have never heard of it so yes it would have taken more than 5 minutes for me to learn what Google auth even is.

Chearful · Aug 8, 2016

stop being so ungrateful about the extra security being put in the place.

lAkjtzAZ0 · Aug 8, 2016

Skionz said:
I have never heard of it so yes it would have taken more than 5 minutes for me to learn what Google auth even is.

It's a listed option on the 2 step menu. You open it, it shows you a number

Fire · Aug 8, 2016

superpenetration said:
Some of these high rep kids had "common sense" until they got hacked. How is it a pain Reversi? It took me about 1 minute max to download the app, link everything, and enter the code I needed to enter. I don't have to do that for another 29 days. If that's too much trouble for you then you're gonna struggle in the real world

Its a pain for those of us that have quite a few devices. Yes, it only takes 1 min. But when you have 6 devices, you use MCM on. Its a pain, having to 2 step, before i can get on. Should be advised, but not compulsory. When i go into college, i will have to 2 step, every day that i want to go on. Since i will be on a diffrent PC. Just another think i have to do, every day that im there. More of a pain that anything else, for those that do keep our accounts safe, ourselves.

Luigical · Aug 8, 2016

Skionz said:
It is a pain in the ass. Personally, I'm a little angry that I have to pay for the foolish mistakes a few members made.

What mistake would that be

Fire · Aug 8, 2016

Luigical said:
What mistake would that be

Having weak passwords. Or running EXE files, that people have sent them.

Luigical · Aug 8, 2016

Fire said:
Having weak passwords. Or running EXE files, that people have sent them.

I didn't have either but I still got hacked?

Fire · Aug 8, 2016

Luigical said:
I didn't have either but I still got hacked?

If you didnt do anything, or have a RAT, or virus on your PC, that you have run. Then it has to either MCM sided, or you use the same password for a few things, or something along those lines.

Reversi · Aug 9, 2016

Chances of getting accepted if I make a suggestion about this? :rofl:

mattrick · Aug 9, 2016

Convenience is the enemy of security. Call me paranoid, but I enable 2FA on any service that offers it, especially considering the recent (some even in plaintext) leaks of passwords from popular sites like 000webhost, MySpace, and Linkedin (this is actually most likely where most compromised accounts from MCM had their passwords stolen from). Unless you don't reuse passwords across sites (you really should be using a password manager like LastPass at this point, anyway), 2FA may very well have kept your account from being compromised. 2FA is not really that much of an inconvenience either, many services like Steam and Twitter already have something similar to it, and using Google Authenticator makes it extremely easy to set up and use.

Generally when it comes to security, it pays off to be paranoid. I know many people here don't want to be inconvenienced by having to either type in a 6-digit code or clicking a link in an email every 30 days or so, but it really helps to prevent your account from being compromised.

Reversi · Aug 10, 2016

mattrick said:
Convenience is the enemy of security. Call me paranoid, but I enable 2FA on any service that offers it, especially considering the recent (some even in plaintext) leaks of passwords from popular sites like 000webhost, MySpace, and Linkedin (this is actually most likely where most compromised accounts from MCM had their passwords stolen from). Unless you don't reuse passwords across sites (you really should be using a password manager like LastPass at this point, anyway), 2FA may very well have kept your account from being compromised. 2FA is not really that much of an inconvenience either, many services like Steam and Twitter already have something similar to it, and using Google Authenticator makes it extremely easy to set up and use.

Generally when it comes to security, it pays off to be paranoid. I know many people here don't want to be inconvenienced by having to either type in a 6-digit code or clicking a link in an email every 30 days or so, but it really helps to prevent your account from being compromised.

Tbh, I never use any social media sites, and most of my passwords look like the codes on the back of an amazon giftcard anyways so it is legit a pain in the ass to check my email every time I log on.

mattrick · Aug 10, 2016

Reversi said:
Tbh, I never use any social media sites, and most of my passwords look like the codes on the back of an amazon giftcard anyways so it is legit a pain in the ass to check my email every time I log on.

Even if you use decent security practices, that definitely doesn't mean others do. The average person's security practices are laughable at best.

2 step verification required?

lAkjtzAZ0

Skionz

ogminecraft.com

lAkjtzAZ0

Skionz

ogminecraft.com

lAkjtzAZ0

Skionz

ogminecraft.com

Chearful

thomas.gg

lAkjtzAZ0

Fire

Always DM me here before dealing via Discord.

Luigical

Professional Grade Setup Specialist

Fire

Always DM me here before dealing via Discord.

Luigical

Professional Grade Setup Specialist

Fire

Always DM me here before dealing via Discord.

Reversi

mattrick

Web Designer & Developer

Reversi

mattrick

Web Designer & Developer