Putting the 'role' back in role-playing games since 2002.
Donate to Codex
Good Old Games
  • Welcome to rpgcodex.net, a site dedicated to discussing computer based role-playing games in a free and open fashion. We're less strict than other forums, but please refer to the rules.

    "This message is awaiting moderator approval": All new users must pass through our moderation queue before they will be able to post normally. Until your account has "passed" your posts will only be visible to yourself (and moderators) until they are approved. Give us a week to get around to approving / deleting / ignoring your mundane opinion on crap before hassling us about it. Once you have passed the moderation period (think of it as a test), you will be able to post normally, just like all the other retards.

PUBLIC SERVICE ANNOUNCEMENT: 2FA NOW MANDATORY - YOU DON'T NEED A PHONE NUMBER FFS

Atlantico

unida e indivisible
Patron
Joined
Sep 7, 2015
Messages
17,127
Location
Midgard
Make the Codex Great Again!
There might be a problem with the Coronavirus thread caused by post deletions: https://rpgcodex.net/forums/threads/coronavirus-kung-flu-from-china-with-love.131586/page-1639

It seems to jump from post #40,946 on page 1638 to post #40,953 on page 1639. :M

The fuck.
The Ukraine thread is also fucked (again), every post is showing as posted June 1 and older posts are being mixed with newer ones
 

Twiglard

Poland Stronk
Patron
Staff Member
Joined
Aug 6, 2014
Messages
7,509
Location
Poland
Strap Yourselves In Codex Year of the Donut
For people complaining. You'll complain about either losing the ability to delete posts, or 2fa. You'll complain either way.

Hijacking old accounts and deleting posts is something any random loser script kiddie can do. These leaked account+password lists are freely available to kiddies and anyone with a very minor technical know-how can start removing thousands of Codex posts.

Perhaps a compromise could be made with Taluntain and DarkUnderlord where 2fa is force-enabled for everyone, but you can actually turn it back off if it annoys you a LOT.

For people thinking that 2fa means that Codex can record your phone number, you're wrong. It's enough to say that if you enable 2fa via an authenticator, there's no way for the Codex to connect the registered authenticator to the phone you're running it on. You can even enable it without a phone using a different kind of authenticator (the mechanism is generic enough¹ for this). Otherwise use email authentication.

For people for whom 'remember me' doesn't work and it prompts you all the time -- rate this post 'fabulously optimistic' so that I know how many people have this problem. I'll figure out a solution for you.

¹ An authenticator is a mathematically secure mechanism utilizing public-key cryptography. There's no central authority connecting authenticators with user personally identifiable information.
 
Last edited:

ItsChon

Resident Zoomer
Patron
Joined
Jul 1, 2018
Messages
5,387
Location
Երևան
Steve gets a Kidney but I don't even get a tag.
My time playing OSRS (a game where Venuelazans are constantly trying to hack your account so they can sell all your items for in game currency, which they transfer to their accounts so can sell it to other players because selling gold in a virtual game leads to more income for them and their families than working an actual job in Venezuela) has made me grow accustomed to just putting in my authenticator constantly, so I don't really care, but a fix would be nice if it'll be easy.

Thanks for the hard work!
 

ItsChon

Resident Zoomer
Patron
Joined
Jul 1, 2018
Messages
5,387
Location
Երևան
Steve gets a Kidney but I don't even get a tag.
a fix would be nice if it'll be easy.
How about now? I've disabled it for your account via the admin panel. Either it works for you now or it's going to turn itself back on... Figures.
The authentication got completely disabled and I was prompted to enable it once again. Once I did, I logged in and out several times and it seems to work now. If this was the solution, bravo for getting it done so quick.
 

Twiglard

Poland Stronk
Patron
Staff Member
Joined
Aug 6, 2014
Messages
7,509
Location
Poland
Strap Yourselves In Codex Year of the Donut
The authentication got completely disabled and I was prompted to enable it once again. Once I did, I logged in and out several times and it seems to work now. If this was the solution, bravo for getting it done so quick.
It wasn't meant to turn itself back on. But now that you mention that it works, let's try it as the solution for everyone else with the same problem.
 

Crispy

I feel... young!
Patron
Staff Member
Joined
Feb 16, 2008
Messages
1,877,246
Location
Future Wasteland
Strap Yourselves In
I suppose having a very small list of the users here for which we disable 2FA is going to make it a lot easier in the future to choose whom to blame when something inevitably goes wrong.

:smug:
 

ItsChon

Resident Zoomer
Patron
Joined
Jul 1, 2018
Messages
5,387
Location
Երևան
Steve gets a Kidney but I don't even get a tag.
Twiglard Actually the issue still persists. If I keep my browser open, I can log in and log out as many times as I want without having to go through my authenticator. As soon as I close my browser however, I need to go through the whole process again. I have my browser set to not save any cookies so that's probably why. Any suggestions outside of just unticking that option? Create an exception perhaps? Or is there a better way to go about things?
 

Twiglard

Poland Stronk
Patron
Staff Member
Joined
Aug 6, 2014
Messages
7,509
Location
Poland
Strap Yourselves In Codex Year of the Donut
I have my browser set to not save any cookies so that's probably why.
1686624618051.png
 

gaussgunner

Arcane
Joined
Jul 22, 2015
Messages
6,159
Location
ХУДШИЕ США
I have my browser set to not save any cookies so that's probably why.
No shit, Sherlock :lol:

When you log in, the website generates a big random number, saves it in its database, and tells your browser to save it in a cookie. It's called a session cookie. Every time you interact with the site, your browser sends that cookie to the server. If it matches one in the database, you're still logged in, otherwise you're not.
 

Vic

Savant
Undisputed Queen of Faggotry Bethestard
Joined
Oct 24, 2018
Messages
5,716
Location
[REDACTED]
why not just enable cookies? are you logging in every time on every website?

are you wearing a tinfoil hat too?
 

BruceVC

Magister
Joined
Jul 25, 2011
Messages
9,873
Location
South Africa, Cape Town
Twiglard Actually the issue still persists. If I keep my browser open, I can log in and log out as many times as I want without having to go through my authenticator. As soon as I close my browser however, I need to go through the whole process again. I have my browser set to not save any cookies so that's probably why. Any suggestions outside of just unticking that option? Create an exception perhaps? Or is there a better way to go about things?
This has been identified several times on this thread as necessary for 2FA to work , just enable cookies for Codex. It doesnt have to apply for other websites
 

Twiglard

Poland Stronk
Patron
Staff Member
Joined
Aug 6, 2014
Messages
7,509
Location
Poland
Strap Yourselves In Codex Year of the Donut
If you want a less intrusive experience with the Codex you can do something like this.

1686684035689.png


1686684247910.png


As well as all possible third-party things blocked in Firefox globally.

Here, there's something that actually improves privacy while browsing the Codex way more than purging *.rpgcodex.net cookies all the time. You can still use private mode for your shenangians.
 

Stavrophore

Most trustworthy slavic man
Patron
Vatnik
Joined
Aug 17, 2016
Messages
14,468
Location
don't identify with EU-NPC land
Strap Yourselves In
We need a system where you plaster the screen of your smartphone with your dick, and King Crispy gets notification to check if the dick matches the user who is logging in. No tough password to remembers and the only security risk is Crispy knowing your dick.
 

As an Amazon Associate, rpgcodex.net earns from qualifying purchases.
Back
Top Bottom