REMOVE TWO STEP AUTH

[okay]

Hello,

MCM should really remove two step authentication. I know it was recently added for security purposes but tbh, I'd rather not be secure. It's such a pain, every single day I have to check my emails in order for me to login. If I want to get on my iPad, I have to check my emails again, if I want to get on my phone, need to check my emails again. Even the "Remember this device for 30 days" doesn't work as my IP changes daily.
If it's for security purposes, I'd rather get hacked than have to enter a code every day and about four times day, that's just my opinion.
I also think it's useless, what's someone gonna do hack my account to rate their posts or hack my account to eh idk...just remove it...

 

[Overlord]

It is forced because of a former member/moderator named Ew.

Interesting how he became moderator being a guy like that.

So, if every member of this forum were responsible and was not stupid, then there would be no need for 2FA. Unfortunately that is not the case, and many members here use very stupid and simple passwords and use them on almost every site they go to. 2FA is forced in order to protect these people, and to protect the site and other members from the damage that Ew could do by compromising these user's accounts.

Yeah, I forgot who I'm talking about actually.

I prefer nara~kavi's solution here. I'm used to case scenarios whereby users care about their own security.

For the average user, a code every 30 days isn't (or shouldn't) really [be] unreasonable... Especially on a market site.

 

[Callam]

Hello,
I also think it's useless, what's someone gonna do hack my account to rate their posts or hack my account to eh idk...just remove it...

If someone hacks into your account they could do real damage to the users of MCM. Scamming, harassing... they could do all sorts of things!

I think that 2FA shouldn't be forced on the users of MCM. The only reason it's being forced on people is because of the recent attacks but the recent attacks have only been successful because people use the same password everywhere. They should have forced everyone to change their passwords instead of forcing everyone to use 2FA (if people change their passwords then people won't be able to use these leaked databases to login to peoples accounts).

 

[nara~kavi]

Interesting how he became moderator being a guy like that.

A lot of kids here like/respect him. I'm not sure why he was ever made a moderator. He was removed from his position and banned from the website for cracking accounts and boasting about it all over his Twitter.

If someone hacks into your account they could do real damage to the users of MCM. Scamming, harassing... they could do all sorts of things!

I think that 2FA shouldn't be forced on the users of MCM. The only reason it's being forced on people is because of the recent attacks but the recent attacks have only been successful because people use the same password everywhere. They should have forced everyone to change their passwords instead of forcing everyone to use 2FA (if people change their passwords then people won't be able to use these leaked databases to login to peoples accounts).

This could work, but to me it'd be more annoying to have to do this than it was to just enable 2FA (which I had done voluntarily anyways). And you'd have to ensure that people can't use the password they already were using.

2FA is a lot more secure anyways and protects against possible future breaches. I think it's good to at least have it default to on, but then have it so people can disable it if they really want to.

 

[Callam]

This could work, but to me it'd be more annoying to have to do this than it was to just enable 2FA (which I had done voluntarily anyways). And you'd have to ensure that people can't use the password they already were using.

2FA is a lot more secure anyways and protects against possible future breaches. I think it's good to at least have it default to on, but then have it so people can disable it if they really want to.

If people use the same password everywhere and suddenly are unable to use that password on MCM because they have been forced to change it, a lot of these attacks would be stopped. Even future ones. 2FA can be a huge inconvenience for someone, forcing someone to change their password can annoy people but it can't become a huge inconvenience.

2FA is definitely better in the long run but a lot of these attacks could simply be stopped if users used unique passwords!

 

[Overlord]

a lot of these attacks would be stopped

Sure, at least on this site they would. Not so sure about PayPal, and other sites where users are using the same password.

On this note, I introduce to you LastPass! A password manager brought to you, sponsored by Overlord. Use it. If you're really serious about your security, get a Yubikey too and secure your LP with YK.

2FA is definitely better in the long run but a lot of these attacks could simply be stopped if users used unique passwords!

This world would have no problems if every human had common sense, although, greed would still be a problem, therefore the Iraq war would still happen, terrorism would still exist due to messed up ideology, poverty wouldn't be eradicated either, but at least we wouldn't have stupid first world individuals.

 

[TheNewTao]

First day I get Premium they implement two step auth, why you gotta punish me like this

 

[Overlord]

First day I get Premium they implement two step auth, why you gotta punish me like this

As always, I have a solution without requiring any changes (although, I don't like the idea of forcing 2FA anyway). Get an email client with push notifications, and use email 2FA. If you're too lazy to click a link that pops up in your face, then, well, wow.

 

[Walrus]

We should use security questions on login, like mojang does

 

[Ajdin]

This has been done. 2FA is now optional. We highly recommend it though.