Forced 2FA

Problem here is, and I’ve seen this WAY too often, that people also use the same password for email and other pages, so the authentication through email instantly fails. Doesn’t mean it’s you, but I worked in support for a while and you start to get a bit cynical at some point, seeing how careless some people act around their personal data, and worst case putting the company at risk through this^^
But I might be highly biased due to this, so…as said, I totally get you, but I would take the same steps after a series of issues…

1 Like

i’m fine with any other 2fa methods that not require me to have extra app\device to open the site, besides just browser on PC

current implementation offer only some auth app on smartphone, or some passkeys app
or you can HAVE TO BUY physical personal usb-key device to enter site, that option is beyond sanity!

so if you don’t have your phone ready, charged and have internet access - you can’t enter site from PC, that’s very bad user experience

2 Likes

I have yet to meet that mythical creature that doesn’t have his/her phone in grabbing range^^ (of course that’s only a joke, I get you :slight_smile: )
At the end of the day…it is what it is, maybe a second option will get added at some point but it’s not my decision^^

1 Like

I think I have said enough about this when I said I was enforcing MFA. I’m not answering more questions. There’s enough resources and multiple threads on this.

Yes, it’s a lot of reading but please just read.

Also, I’ll leave this thread open so users can vent their beef or non beef.

4 Likes

I’m on Windows. Took me 30s to add a passkey.

1 Like

Well, i did read some of that thread, but it’s still very strict enforcement i couldn’t agree with

having extra app on phone to enter web-site via PC - that make no sense!

is there any other 2FA we can use, that don’t need other device or app? like email, maybe there is some other methods i’m not aware about

Just not force us to use second device with extra forced to use apps just to enter.

I bet - after 1-2 another logins that require extra effort like that - i probably just be forced to quit.
That’s what your enforcement did - forcing people to quit site, well done!

UPD: and all your answers to question looks like “we don’t value any opposite opinions or free will of our users - just forcing that change no matter dislikes and disagreements”
Optional 2FA - good stuff, important option
Forced 2FA that don’t require extra devices\apps, like email - not so good, cause it’s forced, but can get used to it
Forced 2FA that require extra device\apps - strong no! When 2FA done that very low-usability way - you can’t force that!

3 Likes

Passkey section in security preferences is not under 2FA sub-category tho, will it allow you to enter site without 2FA?
And anyway - when i press “add passkey” it asks scan QR on camera, so it’s again - second device involved, like your phone.

You can’t scan QR from your screen using your PC, that’s the point!

3 Likes

PC, so assuming Windows. Go to /u/{USERNAME}/preferences/second-factor, click Add Physical Security Key, click Register.

Well, that i tried already - it asks for dedicated USB-flash just for that purpose, or WindowsHello that i can’t use for completely unrelated to that discussion\site reasons. Let’s say my OS don’t have that option.

So i can’t use that type of 2FA

3 Likes

In that case you could always use a password manager that supports scanning 2FA QR codes.

Did you read any of my messages tho? That’s again - an extra app!

So i accessing site via browser (Vivaldi if it’s matter) from PC.
And if there is strong admin decision to make 2FA forced - i need a method that not require extra devices to be used, or any extra app installed.
I know one of such method - email 2FA, you can open your email via same browser. But in topic with that enforcement announcement - admins said hard no to email 2FA!
So give us other method with circumstances above then.

Current implementation is very bad user experience

4 Likes

I’m just trying to help but it seems like you’re simply against the current implementation, that’s okay.

Password managers DO have browser extensions though. You don’t need to use another app.

2 Likes

Well, if current implementation means “extra apps\devices required” - then yes, i’m against it

If there is a way with current one to get 2FA without those extras - i would be happy to know about it

But looks like it’s no way, depend on your advices, sad(

I appreciate the help, but that simple circumstances i need from 2FA - none of your tries met that condition sadly

I think the only way anyone can help you is if we understand your full needs.
What device do you use to access Eroscripts? Do you use multiple?
I have repeatedly advised everyone to use a password manager.
I advised you to use keepassXC which I still think is probably the best option.
KeepassXC | Browser Extension | Android Compatible app | IOS Compatible app

extra apps\devices required

This doesn’t answer what your needs are. What about another app or device makes this a dealbreaker? It would be helpful to know more and how we can help you.

If the issue is friction, the browser extension, apps and keepass app are all made to make the friction as minimal as possible. If your dealbreaker is because of friction you are shooting yourself in the foot.

1 Like

I use my PC, and mostly only that one PC, with very rare exception that i not really care about
And i want no extra apps\devices used in my authentication, that’s all my needs.

Just same browser i using to access site itself - only option i’m fine to use for any 2FA auth.
only 2FA method i know about that can do that - is email 2FA, email can be opened in same browser

No extra manager app, no phone app scanning QR
If it can work with only browser extension, without extra app forced to be installed on PC - that will meet my wishes)

I recommended this already

TLDR; People don’t read.

4 Likes

Email is NOT 2FA (more identity verification vs 2FA)… and it wouldn’t solve what this enforcement is trying to solve

Unfrequently unless you have a usb passkey you WILL need to use some extra app. Maybe Brave has it embedded by default but everything needs another app.

I can’t believe they are forcing us to make our accounts safer! :goblin:

I’m amazed people still exist in the world who don’t have an authenticator.

3 Likes

Meh, in my opinion, everyone should be using a password manager. It’s a fact of life that there WILL be a hack that your passwords will be leaked, so you should never use the same or variants of the same password for any sites… I’ll be honest… People don’t have to be here, there are ways to make your own site with the same or similar purposes of this if you’re that against an admin protecting his infrastructure and community. I personally use bitwarden for everything and pay the 10 a year to get TOTP autofill for my browsers and mobile using the app and browser extensions. I would recommend starting to get used to this cause I would assume that most sites will do this if there is a big enough community. I get it is not convenient at first. But once you just have to remember a single password for everything you log into it gets easier, especially when you can install said password manager on everything.