Putting the 'role' back in role-playing games since 2002.
Donate to Codex
Good Old Games
  • Welcome to rpgcodex.net, a site dedicated to discussing computer based role-playing games in a free and open fashion. We're less strict than other forums, but please refer to the rules.

    "This message is awaiting moderator approval": All new users must pass through our moderation queue before they will be able to post normally. Until your account has "passed" your posts will only be visible to yourself (and moderators) until they are approved. Give us a week to get around to approving / deleting / ignoring your mundane opinion on crap before hassling us about it. Once you have passed the moderation period (think of it as a test), you will be able to post normally, just like all the other retards.

What is the point of the 30 day timeout on authenticated logins?

Spectacle

Spectacle

Arcane
Patron
Joined
May 25, 2006
Messages
8,363
Taluntain DarkUnderlord seriously guys, how does making us enter the authentication code every 30 days improve security?

If you're worried about an attacker getting hold of an old computer that has an active Codex login, having logins time out after 30 days of inactivity would be just as effective, and not be a constant annoyance for active users.
 
Law

Law

Literate
Bethestard
Joined
Nov 21, 2023
Messages
29
not enough security procedures

I demand having my account locked behind a pubic hair DNA analysis
 
DarkUnderlord

DarkUnderlord

Professional Throne Sitter
Staff Member
Joined
Jun 18, 2002
Messages
28,358
Spectacle said:
Taluntain DarkUnderlord seriously guys, how does making us enter the authentication code every 30 days improve security?

If you're worried about an attacker getting hold of an old computer that has an active Codex login, having logins time out after 30 days of inactivity would be just as effective, and not be a constant annoyance for active users.
Click to expand...
It's to stop the Russians hacking people's accounts because of the Ukraine thread.

Oooh I like this new keyboard. Very nice clack to it.
 
Spectacle

Spectacle

Arcane
Patron
Joined
May 25, 2006
Messages
8,363
DarkUnderlord said:
Spectacle said:
Taluntain DarkUnderlord seriously guys, how does making us enter the authentication code every 30 days improve security?

If you're worried about an attacker getting hold of an old computer that has an active Codex login, having logins time out after 30 days of inactivity would be just as effective, and not be a constant annoyance for active users.
Click to expand...
It's to stop the Russians hacking people's accounts because of the Ukraine thread.

Oooh I like this new keyboard. Very nice clack to it.
Click to expand...
How does the 30 day timeout prevent Russians from hacking any more than 2FA already does?
 
Atlantico

Atlantico

unida e indivisible
Patron
Undisputed Queen of Faggotry Vatnik In My Safe Space
Joined
Sep 7, 2015
Messages
14,786
Location
Midgard
Make the Codex Great Again!
Spectacle said:
DarkUnderlord said:
Spectacle said:
Taluntain DarkUnderlord seriously guys, how does making us enter the authentication code every 30 days improve security?

If you're worried about an attacker getting hold of an old computer that has an active Codex login, having logins time out after 30 days of inactivity would be just as effective, and not be a constant annoyance for active users.
Click to expand...
It's to stop the Russians hacking people's accounts because of the Ukraine thread.

Oooh I like this new keyboard. Very nice clack to it.
Click to expand...
How does the 30 day timeout prevent Russians from hacking any more than 2FA already does?
Click to expand...
It does not.
 
King Crispy

King Crispy

Too bad I have no queen.
Patron
Staff Member
Joined
Feb 16, 2008
Messages
1,876,697
Location
Future Wasteland
Strap Yourselves In
Spectacle said:
If you're worried about an attacker getting hold of an old computer that has an active Codex login
Click to expand...
This isn't a concern. Why would anyone who regularly posts here "lose" their computer? It's got nothing to do with that, it has to do with account security in general. In other words, weak passwords, etc.

Spectacle said:
having logins time out after 30 days of inactivity would be just as effective
Click to expand...
This is effectively what's already being enforced.

Spectacle said:
be a constant annoyance for active users
Click to expand...
You don't speak for me, nor for most here, I think. The phone app works perfectly, is extremely easy to use (it takes five seconds to verify) and is completely free. Maybe you can explain how it's supposedly an annoyance?
 
Harthwain

Harthwain

Magister
Joined
Dec 13, 2019
Messages
4,810
Spectacle said:
If you're worried about an attacker getting hold of an old computer that has an active Codex login, having logins time out after 30 days of inactivity would be just as effective, and not be a constant annoyance for active users.
Click to expand...
One thing I am curious about: why is this so annyoing? All you have to do is log in on your e-mail to check out the code, and since you're already trying to access Codex you ought to be on your computer. Or are people using their phones all the time and I am the only one who is using PC for this?
 
Zed Duke of Banville

Zed Duke of Banville

Dungeon Master
Patron
Joined
Oct 3, 2015
Messages
11,924
Gahbreeil said:
I'm more interested in why everyone on the 'dex is intent on annoying, slurring, cursing out, being mean to and in general abusing other users.
Click to expand...
shapes-club.png
 
Spectacle

Spectacle

Arcane
Patron
Joined
May 25, 2006
Messages
8,363
King Crispy said:
Spectacle said:
be a constant annoyance for active users
Click to expand...
You don't speak for me, nor for most here, I think. The phone app works perfectly, is extremely easy to use (it takes five seconds to verify) and is completely free. Maybe you can explain how it's supposedly an annoyance?
Click to expand...
I'll explain that if you can first explain to me what the purpose of the 30 day timeout is, and how it achieves that purpose.
 
Grauken

Grauken

Gourd vibes only
Patron
Joined
Mar 22, 2013
Messages
12,803
Harthwain said:
Spectacle said:
If you're worried about an attacker getting hold of an old computer that has an active Codex login, having logins time out after 30 days of inactivity would be just as effective, and not be a constant annoyance for active users.
Click to expand...
One thing I am curious about: why is this so annyoing? All you have to do is log in on your e-mail to check out the code, and since you're already trying to access Codex you ought to be on your computer. Or are people using their phones all the time and I am the only one who is using PC for this?
Click to expand...
Some people just like to complain
 
thesecret1

thesecret1

Arcane
Joined
Jun 30, 2019
Messages
5,847
Harthwain said:
One thing I am curious about: why is this so annyoing? All you have to do is log in on your e-mail to check out the code, and since you're already trying to access Codex you ought to be on your computer. Or are people using their phones all the time and I am the only one who is using PC for this?
Click to expand...
Logging in to my e-mail takes about 30 seconds, which is 30 seconds longer than I'd like to spend trying to login, with no tangible benefit to me.
 
You must log in or register to reply here.

As an Amazon Associate, rpgcodex.net earns from qualifying purchases.
Back
Top Bottom