Two-Factor Authentication
Forum Index > Core > Announcements > News Archive >
I don't think it's a terribly good idea to introduce a feature to increase security, and then go on to add a feature that decreases it.
The current session expiry is 24 hours of inactivity, and that seems fine.
I will need to give it a go, but it will be after I get one of the apps in order to scan the code bar thing.
*11/300 Fujin's Lamp
All avatar credit of Nathaniel the Natu goes to Sina142's joint art shop.
QUOTE originally posted by Niet
I don't think it's a terribly good idea to introduce a feature to increase security, and then go on to add a feature that decreases it.
The current session expiry is 24 hours of inactivity, and that seems fine.
Avatar credits: Melan Plusle & Minun Galaxy avatar made by Sharpy, (for my use only)
It is less secure, but still considerably more secure than not having 2FA enabled at all. I think the point is to have more people enable it. It's an optional security feature, and a lot of people will not enable it because it feels like too big of an inconvenience to enter the code every log-in. People are prone to feeling like things such as getting your account stolen will probably never happen to them, and won't feel the security is worth the inconvenience. It would especially help users who go inactive but now have 2FA enabled. If the inconvenience is not so bad, but the security is still mostly there, so more people use the feature, that sounds like a win to me.
My fields are optimized for clicking!
10k S&S Timid (Sweet/Pecha) Pokemon ♡
sprite made by sojussimblr
sprite made by Lonely Heart
sprite made by Matamoja
sprite made by Matamoja
I suppose something like this is alright but for me, my phone is an old one and I may need to replace soon so rn I don't feel comfortable putting an app on when the phone may need replacing soon. I hope that in the future there can be an extra way to secure your account without needing an app to do it. :)
**0pts contributed to TR this month!**
*PFP Drawn by me, do not reuse without my permission
I won't be using it because I don't have a QR scanner and I don't really know how I'd set this up without having to trust some random QR app. Also, chrome automatically saves my login for my email so I auto-login to every site and if not it's saved to the webpage so I don't really have a use for this aside from making it more difficult to hack my account but it's more difficult for me to even login too so I would just get annoyed with it .-. This has no impact on me whatsoever.
QUOTE originally posted by Beetlejuices
I won't be using it because I don't have a QR scanner and I don't really know how I'd set this up without having to trust some random QR app. Also, chrome automatically saves my login for my email so I auto-login to every site and if not it's saved to the webpage so I don't really have a use for this aside from making it more difficult to hack my account but it's more difficult for me to even login too so I would just get annoyed with it .-. This has no impact on me whatsoever.
Avatar by the best lizard ever, Bananalizard
#standwithEMS #ELM
Score: 0
QUOTE originally posted by Beetlejuices
... aside from making it more difficult to hack my account
QUOTE originally posted by Beetlejuices
... but it's more difficult for me to even login too so I would just get annoyed with it .-. This has no impact on me whatsoever.
This seems unlikely, but on the topic of security...
Is there any way to add a self ban process, a deletion process, anything to make an account otherwise inaccessible.
Often times my accounts that get breached are old accounts I don't even remember using. If I had deleted them, self banned, whatever, they wouldn't have been at risk in the first place.
I would really like a way to get rid of my Pokefarm account or at least make it inaccessible so I don't have to risk a password being leaked somehow.
Edit: or my PayPal information. My PMs will be there for, y'know, forever. So surely eventually someone could get onto my account and take the information.
Other sites have a self ban process, which isn't the same as deletion, but I know that Pokefarm doesn't want to.
⚢
Sylveon PFP from Pokemon Shuffle
If memory serves correct, there have been users in the past who have asked to be locked when they left? I might remembering wrong, but I don't see why staff would turn that down.
Cannot post: Please log in to post