Putting the 'role' back in role-playing games since 2002.
Donate to Codex
Good Old Games
  • Welcome to rpgcodex.net, a site dedicated to discussing computer based role-playing games in a free and open fashion. We're less strict than other forums, but please refer to the rules.

    "This message is awaiting moderator approval": All new users must pass through our moderation queue before they will be able to post normally. Until your account has "passed" your posts will only be visible to yourself (and moderators) until they are approved. Give us a week to get around to approving / deleting / ignoring your mundane opinion on crap before hassling us about it. Once you have passed the moderation period (think of it as a test), you will be able to post normally, just like all the other retards.

PUBLIC SERVICE ANNOUNCEMENT: 2FA NOW MANDATORY - YOU DON'T NEED A PHONE NUMBER FFS

Twiglard

Twiglard

Poland Stronk
Patron
Staff Member
Joined
Aug 6, 2014
Messages
7,443
Location
Poland
Strap Yourselves In Codex Year of the Donut
Zed Duke of Banville said:
Twiglard said:
Zed Duke of Banville anything specific about your 2fa issue?
Click to expand...
No, I've posted before that I'm hoping the Codex will settle on an alternative rather than 2FA that requires entering a code via email every time. Until then, I'll put up with it.
Click to expand...
If I added cracklib, or ran John the ripper in single mode on all passwords you'd hate it even more.

Detecting reused passwords is more involved and requires constant maintenance so it's too unworkable.
 
Krice

Krice

Arcane
Developer
Joined
May 29, 2010
Messages
1,546
Thought I lost my account, but the e-mail change did work after all. It took me couple of weeks to figure out that I can ask for password change and then enable 2FA. Anyway, I think now I have to use Edge to browse this forum, because I reset the password using it since I have taken everything out from Firefox (scripts etc.). Life is not perfect.
 
Last edited:
lukaszek

lukaszek

the determinator
Patron
Joined
Jan 15, 2015
Messages
13,072
Twiglard said:
Zed Duke of Banville said:
Twiglard said:
Zed Duke of Banville anything specific about your 2fa issue?
Click to expand...
No, I've posted before that I'm hoping the Codex will settle on an alternative rather than 2FA that requires entering a code via email every time. Until then, I'll put up with it.
Click to expand...
If I added cracklib, or ran John the ripper in single mode on all passwords you'd hate it even more.

Detecting reused passwords is more involved and requires constant maintenance so it's too unworkable.
Click to expand...
you can require password reset for all and then enforce 20character ones with unique signs. This way you basically force your users to use unique passwords and password manager. Then you can turn off 2fa requirement as password reuse will be unlikely
 
ds

ds

Cipher
Patron
Joined
Jul 17, 2013
Messages
2,216
Location
here
Behind the scenes picture of the Administration preventing mass deletes by requiring 2FA:
e936202dcfcc66b5.jpg

Didn't have to enter the code once yet since enabling it.
 
Caim

Caim

Arcane
Joined
Aug 1, 2013
Messages
17,025
Location
Dutchland
Konjad said:
ds said:
Behind the scenes picture of the Administration preventing mass deletes by requiring 2FA:
e936202dcfcc66b5.jpg

Didn't have to enter the code once yet since enabling it.
Click to expand...
Better than in any corporation I have worked so far.
Click to expand...
I work for a company with an annual income in the nine digits and the last time IT sent out a fake phishing mail as a security test almost a quarter of my dumbass coworkers clicked the mail. A fair chunk of the staff don't even have a corporate email, so the actual percentage of dipshits will be even higher.
 
lukaszek

lukaszek

the determinator
Patron
Joined
Jan 15, 2015
Messages
13,072
Caim said:
I work for a company with an annual income in the nine digits and the last time IT sent out a fake phishing mail as a security test almost a quarter of my dumbass coworkers clicked the mail. A fair chunk of the staff don't even have a corporate email, so the actual percentage of dipshits will be even higher.
Click to expand...
it gets better: external company as part of similar exercise sends job offer link. It was visited by more people(from same company) than original recipients.
 
Caim

Caim

Arcane
Joined
Aug 1, 2013
Messages
17,025
Location
Dutchland
lukaszek said:
Caim said:
I work for a company with an annual income in the nine digits and the last time IT sent out a fake phishing mail as a security test almost a quarter of my dumbass coworkers clicked the mail. A fair chunk of the staff don't even have a corporate email, so the actual percentage of dipshits will be even higher.
Click to expand...
it gets better: external company as part of similar exercise sends job offer link. It was visited by more people(from same company) than original recipients.
Click to expand...
Maybe people saw the mail at work, then once home they sat down and gave it another look?
 
lukaszek

lukaszek

the determinator
Patron
Joined
Jan 15, 2015
Messages
13,072
Caim said:
lukaszek said:
Caim said:
I work for a company with an annual income in the nine digits and the last time IT sent out a fake phishing mail as a security test almost a quarter of my dumbass coworkers clicked the mail. A fair chunk of the staff don't even have a corporate email, so the actual percentage of dipshits will be even higher.
Click to expand...
it gets better: external company as part of similar exercise sends job offer link. It was visited by more people(from same company) than original recipients.
Click to expand...
Maybe people saw the mail at work, then once home they sat down and gave it another look?
Click to expand...
let me rephrase. More company owned machines loaded the link than number of emails sent. People were sharing awesome job posting with coworkers.
'Hey, we are doing security risk for you but are you also aware about workforce rotation that you might be facing?'
 
Caim

Caim

Arcane
Joined
Aug 1, 2013
Messages
17,025
Location
Dutchland
Semiurge said:
ITZ happening again. A whole minute of pages not loading, at all.

You'd better see if some posts have been mass deleted again...
Click to expand...
Had something similar with liking posts, seeing who rated what and loading of images.

Truly it is the time of ITZ.
 
Sodafish

Sodafish

Arcane
Joined
Dec 26, 2012
Messages
8,910
I cannot for the life of me understand why so many of you are unironically throwing tantrums over entering a 6-digit number once a month. It's the very definition of first world problems.

"But muh auto-delete session cookies!"

Then whitelist the dex FFS. This shit isn't hard, and all the whining is starting to make me question the status of this place as a site for monocled gentlemen.
 
You must log in or register to reply here.

As an Amazon Associate, rpgcodex.net earns from qualifying purchases.
Back
Top Bottom