Remind users of 2FA importance.

[MrAniman2]

Unfortunately, there are many people in Minecraft community who would take any opportunity they can to hijack your user account, email, etc. for just a joke or for more serious matter - to try to commit fraud.

I really feel like Mc-Market should remind its users about 2FA option on a regular basis (maybe through notification once every two/three months or so) and briefly highlight the risks of not using 2FA.

 

[Norska]

I once made a suggestion to give an achievement for activating 2FA, it could be a good incentive for users to enable it other than the security it adds to the account.

 

[root]

+1 this suggestion even though I don't have 2-auth enabled.

anonymous be like...

nah but just enable it, it might take you a few extra seconds to login but it's better than losing your account

 

[manhattan]

can someone make hardware 2fa possible also

 

[Energy]

This seems like something we can very easily implement that would make the importance of using 2fa be known to as many users as possible.

 

[nfdegreu3i23r22r]

someone tried bruting my mcmarket account so i put on 2fa lol

 

[Kavish]

Everyone should have 2FA on pretty much everything of mild importance. It really doesn't hurt.

 

[nfdegreu3i23r22r]

also make sure its google authenticatior not anything else dont get simmed

 

[alice]

Lack of 2FA wouldn't be an issue if every time you logged in on an unknown IP address required additional verification (say email code), which could be enabled for all users by default.

I recommended this about a year ago. I don't know if it's been added yet. But it doesn't seem like a difficult change.

Edit:

Apparently, it already exists, but it isn't enabled by default. It should be, though.

 

[Mick]

In my opinion, they should also let new members be aware of it as well when they sign up. When people register, they receive a message from the Bot informing them of basic things like rules and such. 2FA should definitely fall in that line.

While they may not be a risk for it at the time they register, they could later down the road if they choose, or happen, to go inactive for a long period of time. I believe inactive accounts used to be prone to being compromised.

I agree with this, I think it's a much more elegant solution to the problem and perfectly targets our new users to educate them about the importance of 2FA. There isn't an easy way to set up automatically-reoccuring notices every 2/3 months like was suggested in the OP either without custom development, so I think we'll go with this solution.

I'll move this to pending until I actually make that change. Thank you.

 

[MrAniman2]

Well, in my opinion briefly mentioning 2FA importance in a wall of text sent to a user upon registering will have very little to no effect... Most users probably will ignore this info and will just skip it, others might take a quick look over it but won't take it seriously as they could just be here to check or buy few resources and don't want to be involved much with the community and therefore won't bother with 2FA... and if they happen to get active after some months or years no one will remember the initial message where 2FA was mentioned.

The main point of this suggestion was to start to bother users (who don't have 2FA enabled) and remind them about the importance of 2FA on a regular basis.

 

[SftpClient]

Unfortunately, there are many people in Minecraft community who would take any opportunity they can to hijack your user account, email, etc. for just a joke or for more serious matter - to try to commit fraud.

I really feel like Mc-Market should remind its users about 2FA option on a regular basis (maybe through notification once every two/three months or so) and briefly highlight the risks of not using 2FA.

I use 2fa but my ip changes almost every night which is super annoying

 

[Mick]

This has already been implemented, we just never got around to marking this suggestion as accepted.

Thank you very much for the suggestion! I'll move the thread now.