This is a THREAT

[Citizen]

No leak for another 24 hours? *yawns*

 

[Rean]

Oh no! Terrifying.

 

[Citizen]

It's fake news, there's no "maxie's discord" and the screenshot is probably made up by the guy. We have no proof that this is the contents of admin forum and not random thread titles he just typed in browser's inspect mode

 

[jackofshadows]

Turns out, it was a creative way to promote 2FA for common folk, move along.

 

[lukaszek]

its like that fb scam where they were pushing 2fa to link your account with phone for ad purposes

 

[Jenkem]

curious

 

[jebsmoker]

This is why there needs be to an auto-delete of inactive accounts. After, say, 6 months of inactivity.

To expand on this idea: any poster who makes less than a hundred posts per six months should be automatically permabanned for being a sleeper alt or abandoned account.

Anyone getting butthurt over this idea is tacitly admitting to being a sleeper alt owner.

I mean, let's be completely honest here. Things like this:

Joined: Dec 9, 2012
Messages: 32

Should not be allowed.

lol you're on the wrong site if you wanna suggest dumb impositions like this. this is something that would make more sense on authoritarian hellhole that is resetera, not codex

who cares if you make a grand total of 2 posts per year, honestly

 

[Haba]

What a convenient explanation for the story.

 

[rusty_shackleford]

The Comprehensive Guide to Avoiding Getting Your Codex Account Hacked:

1) Enable 2FA: https://rpgcodex.net/forums/account/two-step
2) Install Authy on your smartphone and add the Codex.
3) ????
4) PROFIT!!!!

fucking hate having to search for my phone just to login to shit, I ALREADY HAVE A PASSWORD I DON'T NEED ANOTHER ONE

 

[Tacgnol]

The Comprehensive Guide to Avoiding Getting Your Codex Account Hacked:

1) Enable 2FA: https://rpgcodex.net/forums/account/two-step
2) Install Authy on your smartphone and add the Codex.
3) ????
4) PROFIT!!!!

fucking hate having to search for my phone just to login to shit, I ALREADY HAVE A PASSWORD I DON'T NEED ANOTHER ONE

Authy has a browser plugin that allows you to do it from your desktop.

 

[rusty_shackleford]

The Comprehensive Guide to Avoiding Getting Your Codex Account Hacked:

1) Enable 2FA: https://rpgcodex.net/forums/account/two-step
2) Install Authy on your smartphone and add the Codex.
3) ????
4) PROFIT!!!!

fucking hate having to search for my phone just to login to shit, I ALREADY HAVE A PASSWORD I DON'T NEED ANOTHER ONE

Authy has a browser plugin that allows you to do it from your desktop.

"just use this closed source proprietary browser plugin to help you not get hacked bro"

 

[Tacgnol]

The Comprehensive Guide to Avoiding Getting Your Codex Account Hacked:

1) Enable 2FA: https://rpgcodex.net/forums/account/two-step
2) Install Authy on your smartphone and add the Codex.
3) ????
4) PROFIT!!!!

fucking hate having to search for my phone just to login to shit, I ALREADY HAVE A PASSWORD I DON'T NEED ANOTHER ONE

Authy has a browser plugin that allows you to do it from your desktop.

"just use this cloud source proprietary browser plugin to help you not get hacked bro"

At the end of the day no 2fa solution is perfect. It's just an extra layer of security.

If you use authy or google auth on phone or in browser, people would have to know your password, have access to your machine and phone or compromise the provider.

Either way they'd still need to accomplish both of those steps.

 

[Kev Inkline]

I propose implementing a facial recognition system.

 

[rusty_shackleford]

The Comprehensive Guide to Avoiding Getting Your Codex Account Hacked:

1) Enable 2FA: https://rpgcodex.net/forums/account/two-step
2) Install Authy on your smartphone and add the Codex.
3) ????
4) PROFIT!!!!

fucking hate having to search for my phone just to login to shit, I ALREADY HAVE A PASSWORD I DON'T NEED ANOTHER ONE

Authy has a browser plugin that allows you to do it from your desktop.

"just use this cloud source proprietary browser plugin to help you not get hacked bro"

At the end of the day no 2fa solution is perfect. It's just an extra layer of security.

If you use authy or google auth on phone or in browser, people would have to know your password, have access to your machine and phone or compromise the provider.

Either way they'd still need to accomplish both of those steps.

there's no reason to use it over keepassxc, which also has OTP support

 

[Kruno]

This is why there needs be to an auto-delete of inactive accounts. After, say, 6 months of inactivity.

How about an auto-delete of new accounts that post more than twice a day in the first 6 weeks?

New accounts are not a security threat. Old inactive accounts with full access to everything are obviously there just to circumvent a ban or something of that sort.

But new accounts that post too often are a shitposter threat, while old accounts that don't post are usually just boring lurkers. 90% of forum members only read without posting.

You did not say anything that contradicts my point. Also, lurkers are creepy and should be banned anyway. They contribute nothing to the forum, not even shitposting, which is often amusing and oddly-stimulating.

But as I said, any old account with barely any posts is potentially there to circumvent a ban. And all the people who got horribly butthurt over my innocuous suggestion just outed themselves.

I wasn't trying to contradict your point, I was trying to imply that you are a shitposter.

I know what you're trying to imply, you're just not witty enough to deliver a proper zinger.

I'll meet you half-way on the lurkers: any account that hasn't posted in years should have its posting privileges permanently removed, but still able to log in and read stuff. There, your precious lurkers are now protected. Happy? Oh right, you're just doing a painfully-unfunny NO U routine.

DarkUnderlord can this guy get a poop poster tag?

 

[Cunt Dickula!?]

I propose implementing a genital recognition system.

ftfy

 

[†††]

Just use a strong password lmao

 

[PorkyThePaladin]

I propose implementing a facial recognition system.

It would not work on the 'Codex. Considering the average Codexer's looks, Zoos around the world would get tired of receiving "One of your chimps has just escaped and is trying to access online resources" texts/emails.

 

[mondblut]

I propose implementing a facial recognition system.

We could recognize men by their facials, but what about women, you bigot?

 

[OSK]

there's no reason to use it over keepassxc, which also has OTP support

Aegis is also an open-source solution: https://getaegis.app/

DarkUnderlord can this guy get a poop poster tag?

Techno Union = Liberal alt

 

[IDtenT]

Can we please remove the 30-day limit on the two-factor? Nobody else does that.

 

[Kev Inkline]

Techno Union = Liberal alt

I doubt it, I don’t think Liberal would ever ignore me, I’ve always been friendly to him and always remembered to compliment his shoes.

 

[madbringer]

The Comprehensive Guide to Avoiding Getting Your Codex Account Hacked:

1) Enable 2FA: https://rpgcodex.net/forums/account/two-step
2) Install Authy on your smartphone and add the Codex.
3) ????
4) PROFIT!!!!

I can make it a bit simpler.

1) Don't be a fucking retard.

There is no step 2.

 

[Semiurge]

I have a complete archive of your hidden admin forum and the whole rubbish thing will end up in Maxies discord unless you remove the restrictions for Maxie to post in the shoutbox.

You have 48 hours and dont get smarmy with me.

Does the smarmy thing apply to staff only?

Also could you do a search for puur prutswerk and send me any matches you find? I would like to know how my threat level on this site is assessed.

You are by far the most mellow member here.

 

[Semiurge]

Techno Union = Liberal alt

An anagram reveals his nature: "Onion Cunt He".