1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Do you use 2FA for any other thing apart of banking?

Discussion in 'Off Topic' started by imthebest, Jun 23, 2015.

  1. imthebest

    imthebest Formerly Super120


    As you know, XenForo recently announced that 2FA will be available in 1.5. My personal opinion about this is:

    Source: Option to disable 2FA globally

    So maybe I'm the only one who doesn't like 2FA and perhaps other people are actively using it on their online services like email or social media accounts, I don't know. In my case, the only online activity where I use 2FA is banking and not because I want but because my banks requires me to have a token in order to make withdrawals.

    How about you guys? Do you actively use 2FA for your online activities?

    By the way, the following suggestion has been made inmediately after the feature was announced: Option to disable 2FA globally. So if you also don't like 2FA you might want to go and like the first post of that suggestion!

    51463 likes this.
  2. Solidus

    Solidus Well-Known Member

    Everything, everywhere.
    Andrej likes this.
  3. Chris D

    Chris D XenForo Developer Staff Member

    If it's available, I'll use it.

    Here's the list of things I use it on:
    1. 3 of my Google Accounts
    2. Slack
    3. Microsoft Account (Skype/Windows login etc)
    4. XenForo 1.5 ;)
    5. Internet banking
    My advice: Embrace it, do it, get behind it. It's an important technology and it will add an important layer of protection to your data.
    thumped and Bob like this.
  4. Jeremy

    Jeremy XenForo Moderator Staff Member

    I only use it on GitHub (partly because the company I worked for required it), but its an excellent idea regardless. As Opt-In, I see absolutely 0 reason for disabling it globally. Why not give me the option to use it when I want?
  5. Brogan

    Brogan XenForo Moderator Staff Member

    I don't understand the forum admin mentality of "I don't like 2FA so I'm not going to allow any of my members to use it either".

    Likewise for any other functionality forum admins remove, simply because they don't like or use it.
  6. James

    James Well-Known Member

    I use it where available (banking/emails/social networks) then just add the device I use frequently as a trusted device so it doesn't require a code every time. A bit of extra time to set up but a lot of extra security.
  7. Fred.

    Fred. Well-Known Member

    Same here, if it's available I use it. I like to have a second layer of security.
  8. RichardKYA

    RichardKYA Well-Known Member

    Disabling it global will allow site owners and their staff to have a chance to learn about it's functionality to provide better service for when they do allow their members to use it.

    Kinda like, at the moment with the XF team developing it, they know it inside out, so when it's released here, they'll understand it's use, how it works and how to help XF members if/when they become a bit stuck with it. Without the option to disable it globally, site owners are being forced to use something that they might not even understand yet, so they would be no help at all when their members need help with it.

    As a site owner, I would prefer to have it disabled to begin with so I can get up to speed with the feature, if this it is not an option, it will be difficult to manage panic/support e-mails because undoubtedly, members wanting to use it will have questions and I won't have the answers. So an option to disable it globally is must in my eyes. Disabling it globally doesn't mean it will be disabled indefinitely.

    If the feature is enabled, then yes, it should be the members choice to opt-in, no one is saying it shouldn't be.

    But, the feature being enabled on the site in the first place should be the site owners choice.
    dieketzer likes this.
  9. Chris D

    Chris D XenForo Developer Staff Member

    I saw you post similar comments before, Richard, I can't remember if I replied or not to you but I had a reply in mind. Sorry if I'm repeating myself.

    Honestly, I appreciate it's easy for me to say, but really you would need minutes to learn how it works; not hours or days.

    Also, given that it is always the recommendation to roll out second point releases in a test environment first, even if you need more than a few minutes, that should give you the time to get to grips with it.
  10. empire

    empire Well-Known Member

    I hope that there is no option to disable it, because then admins who don't know what it is will probably just turn it off rather than learn about it.

    I assume this site will use version 1.5 when it's ready, so you could try it out with your own account here. Then you'll have the experience to help your members use it.

    Edit: To answer the OP, I use it for Google.
    Last edited: Jun 23, 2015
  11. RichardKYA

    RichardKYA Well-Known Member

    Hi Chris,

    Thank you for your input and I appreciate what you are saying, but I still think it should be the site owners choice to whether it should be enabled or not. I think I said in my suggestion that my reason is just 1 reason and I am sure there are others. I believe there is someone that said his members are mostly elderly and will struggle with something like this and they may not always know what it is that there are opting in for. Another instance would be a mental health forum that uses XF, where a lot of their members have a range of mental illnesses and something like this, they may struggle with and may also not know what they are opting in for.

    I'm all for providing better security and I think it is a great feature, but I still believe it should be the site owners choice to have it enabled.
  12. Jeremy

    Jeremy XenForo Moderator Staff Member

    I get releases at the same time as other customers, and I plan to be able to support it at the get go when necessary. I'm not worried about not being able to get caught up. It's an opt in feature and I still can't understand a reason to take away the option..x
  13. imthebest

    imthebest Formerly Super120

  14. RichardKYA

    RichardKYA Well-Known Member

  15. Jeffin

    Jeffin Well-Known Member

    I use it whereever possible and especially for my Google account which is connected to many other accounts and devices and so I love this feature. (y)(y)(y)
    I also like the suggestion of providing webmasters an option to disable it globally but wouldn't it be a problem for those users who have already opted in for 2FA and want to continue with it? Imho, 2FA or any other extra step toward safe browsing should be a priority to every webmaster.
  16. RickM

    RickM Well-Known Member

    Yep, I use it wherever possible. Why on earth would you CHOOSE to be using an inferior security method?
  17. Tracy Perry

    Tracy Perry Well-Known Member

    Generally what I've found is mostly due to laziness. It takes some additional intervention/time and some can't be troubled by it.

Share This Page