Do you use 2FA for any other thing apart of banking?


Well-known member

As you know, XenForo recently announced that 2FA will be available in 1.5. My personal opinion about this is:

I find the 2FA feature to be a very good feature for XenForo marketing purposes however for general forums I find it overkill to make the logging process even more complex. Hell I don't even use 2FA for my mail address and I will be using it on a forum account? No thanks.
Source: Option to disable 2FA globally

So maybe I'm the only one who doesn't like 2FA and perhaps other people are actively using it on their online services like email or social media accounts, I don't know. In my case, the only online activity where I use 2FA is banking and not because I want but because my banks requires me to have a token in order to make withdrawals.

How about you guys? Do you actively use 2FA for your online activities?

By the way, the following suggestion has been made inmediately after the feature was announced: Option to disable 2FA globally. So if you also don't like 2FA you might want to go and like the first post of that suggestion!


Chris D

XenForo developer
Staff member
If it's available, I'll use it.

Here's the list of things I use it on:
  1. 3 of my Google Accounts
  2. Slack
  3. Microsoft Account (Skype/Windows login etc)
  4. XenForo 1.5 ;)
  5. Internet banking
My advice: Embrace it, do it, get behind it. It's an important technology and it will add an important layer of protection to your data.


Well-known member
I only use it on GitHub (partly because the company I worked for required it), but its an excellent idea regardless. As Opt-In, I see absolutely 0 reason for disabling it globally. Why not give me the option to use it when I want?


Well-known member
I use it where available (banking/emails/social networks) then just add the device I use frequently as a trusted device so it doesn't require a code every time. A bit of extra time to set up but a lot of extra security.


Well-known member
I see absolutely 0 reason for disabling it globally
Disabling it global will allow site owners and their staff to have a chance to learn about it's functionality to provide better service for when they do allow their members to use it.

Kinda like, at the moment with the XF team developing it, they know it inside out, so when it's released here, they'll understand it's use, how it works and how to help XF members if/when they become a bit stuck with it. Without the option to disable it globally, site owners are being forced to use something that they might not even understand yet, so they would be no help at all when their members need help with it.

As a site owner, I would prefer to have it disabled to begin with so I can get up to speed with the feature, if this it is not an option, it will be difficult to manage panic/support e-mails because undoubtedly, members wanting to use it will have questions and I won't have the answers. So an option to disable it globally is must in my eyes. Disabling it globally doesn't mean it will be disabled indefinitely.

If the feature is enabled, then yes, it should be the members choice to opt-in, no one is saying it shouldn't be.

But, the feature being enabled on the site in the first place should be the site owners choice.

Chris D

XenForo developer
Staff member
I saw you post similar comments before, Richard, I can't remember if I replied or not to you but I had a reply in mind. Sorry if I'm repeating myself.

Honestly, I appreciate it's easy for me to say, but really you would need minutes to learn how it works; not hours or days.

Also, given that it is always the recommendation to roll out second point releases in a test environment first, even if you need more than a few minutes, that should give you the time to get to grips with it.


Well-known member
I hope that there is no option to disable it, because then admins who don't know what it is will probably just turn it off rather than learn about it.

I assume this site will use version 1.5 when it's ready, so you could try it out with your own account here. Then you'll have the experience to help your members use it.

Edit: To answer the OP, I use it for Google.
Last edited:


Well-known member
Hi Chris,

Thank you for your input and I appreciate what you are saying, but I still think it should be the site owners choice to whether it should be enabled or not. I think I said in my suggestion that my reason is just 1 reason and I am sure there are others. I believe there is someone that said his members are mostly elderly and will struggle with something like this and they may not always know what it is that there are opting in for. Another instance would be a mental health forum that uses XF, where a lot of their members have a range of mental illnesses and something like this, they may struggle with and may also not know what they are opting in for.

I'm all for providing better security and I think it is a great feature, but I still believe it should be the site owners choice to have it enabled.


Well-known member
I get releases at the same time as other customers, and I plan to be able to support it at the get go when necessary. I'm not worried about not being able to get caught up. It's an opt in feature and I still can't understand a reason to take away the option..x


Well-known member
I use it whereever possible and especially for my Google account which is connected to many other accounts and devices and so I love this feature. (y)(y)(y)
I also like the suggestion of providing webmasters an option to disable it globally but wouldn't it be a problem for those users who have already opted in for 2FA and want to continue with it? Imho, 2FA or any other extra step toward safe browsing should be a priority to every webmaster.