Forced 2FA

Okay, maybe i didn’t give too much attention to that news, and thinks that it would be implemented but for users to choose they want to enable it or not.

But today i just can’t access site without FORCED 2FA and completely not like it!
Had to instal 2FA app to my phone, cause didn’t have any before (besides Steam, but you can’t confirm 2FA login through Steam app for other sites)

And pretty much hate having extra app i forced to use now

Is there any chance that you can disable it for yourself later in user preferences?

UPD: I can see potential solution as it’s being on by default once for existed users and maybe for new user too. But after that made default - you should be able to turn it off!

There was a literal warning at the top of the website for like a month and there was no way to make it go away.

Everyone had their comments, complaints etc etc about it a week into the news dropping.

You’re a month late and no, you can’t disable it, that would literally defeat the purpose.

Well, i seen warning, but somehow thinks it will be optional, and wasn’t implemented before.
Make it forced - is really shit idea, at least with extra app needed and not just email 2fa like almost every site do, and even can make me stop using that site at all!

Not like right now, but after some more times need to use extra app just to log on…

I hate using extra apps, when everything can be done through web-browser, like e-mail 2FA admins strongly against for some reason.
I can access my mail through browser, can’t do same for TOTP (TOFP?) 2fa methods

Really like using browser for everything instead of downloading shitton of apps, like app per site or something, mostly using web-telegram, web-discord, etc

Ok congrats, you didn’t read.

Everything’s been said on the topic. Go read the month old threads. Literally nothing you’re saying is a new complaint.

So? Where else would you complain about it the other topic is closed if you dont like the new forced 2fa you should be a able to talk about it

I did read, but topic is closed, so i adding my late opinion here - i hardly against using extra app for login, 2FA itself is good while it’s not require extra apps and done via email for example.

I did authorized with google auth to create that topic and insta delete that google auth from my phone, as it’s being extra app i don’t wanna use

Also hate being forced in general, so that enforcement driving me mad!

Considering people get hacked on more and more pages and apps, it would make sense to get used to that app because the ressources that require it will only grow in number.
It´s not a big deal, you will use the app for any page that requires 2FA, no matter if it´s something workrelated, social media or here, and it heightens the security significantly.
I can totally get why it was implemented. But I also get your point, as we were suddenly forced to use it at work, having to pull out my phone every single time (because the settings were that strict, way worse than here) I got annoyed, but after a short while I don´t even realized that I use my phone to log in, typing out my password takes longer.
In general, trading in security for convenience is always a bad idea…so activating 2FA on any page or app that has the possibility is a good idea in general

There is email 2fa that not required extra app, completely fine with it, most sites have this.

i’m not against 2fa in general, only against methods require extra app, when email can be browsed in the same browser u using to browse site anyway

1. DM the admins
2. Discord
3. Site Chat Function

We basically had a townhall a month ago to complain and ask questions. Everyone who cared enough to complain or ask questions showed up and spoke up.

There’s little point in making a new thread that says nothing new regarding a month old topic. Those conversations were going nowhere after a certain point so they were closed.

OP could’ve instead posted in site feedback about how 2FA could’ve been done thru e-mail or whatever, if that even is an option because the forum’s functions are limited by Discourse.

My password manager already had a passkey saved for this site but it was seemingly removed at some point between the announcement and now. It’s not really a big deal but weird it happened.

Sorry for the harsh words, but this is a completely retarded decision by the site admins. What is next, Facebook integration?

I’m not a fan of this either.

Just had to use my passkey to create a passkey so I could use the passkey to access the site. 2/10 experience

With respect to the owner he clearly was set on forcing 2fa and not every single person knew about it there are many that will log in today and will now be forced to use 2fa if they dont agree with it they should make it clear in a thread like this so we can discuss it and not bombart the admins over it and no email wont work its only a app or a seperete key at the moment

Yeaaaahhhhh…

I thought passkeys were OK? I don’t recall reading about how we’re suddenly all cool with a FAANG provided authenticator app, either. I thought unless we rooted a non-apple device, we were potential security holes…

Admittedly… there was a lot, people miss stuff, I’m not screaming at anyone over something I might not have read…

But the greeting by an unexpected block screen, then get timed out while trying to sort an authenticator app, is annoying. I was under the impression we could set up the more secure options, and it would run in background.

Some of you folks work in environments where these things are commonplace and the inconveneince is unnoticed after a while… Some of us do not, and this is one of the only sites I frequent which is chasing this level of login requirement. Not like I’m going to stop visiting, but authenticating with a 3P app every time after already setting up a passkey is going to cut way back on them.

Someone might argue “all sites will eventually need this get used to it” - this is more a philosophical rant: Why? Why are the consumers, the end users, yet again being foisted upon with ever increasing requirements when maybe, JUST MAYBE, we could work to strengthen privacy laws and personal data security, actually go after bad actors, and make a better internet? Because at this rate - don’t get me wrong, I like my internet porn, but like hell if I’m putting a drop of blood in the analyzer in 2029 to jerk it.

It was discussed. It’s been posted for a month, banner at the top and all.

Do I agree with locking and closing the topic? Nope. Do some forum members get real shitty and maybe there should be some janitorial/custodial action when adults can’t behave like adults? YEP.

There are many non FAANG provided authenticators.
There are also many password managers that also integrate mfa tokens (TOPT) or passkeys.

Yeah, and I set one of those passkeys up.

For this site.

As I said in my comment.

I saw no hate in the thread just discussion.i myself never saw the post where to discuss just the ads on top butt i feel that as long as we dont make it hatefull a place to talk about a change some dislike is fine

The extended post on Passkeys, seems to contradict my experience on login. As does this comment from @VladTheImplier

I think right now it’s a fair bit of wtaf? from users who were expecting a change and thought we’d prepared appropriately, and wtf? from people who didn’t read the banner or linked thread.

re: bad behavior - there are other threads on other topics that have gotten closed due to shitty behavior. It seems like the “security for everyone” was closed because someone felt annoyed to still be talking about it, rather than users being deliberate assholes.

There was an additional thread Why are passkeys not considered MFA here? Fight me! about it as well, and the issue of MFA and Passkeys was also brought up there… So, I’m still confused why a user who set up a Passkey gets forced into an Authenticator and MFA.