Re: Isn't it time to introduce 2FA to enhance user account security ?

Quote from: Thirdspace on July 15, 2018, 10:50:28 PM

Quote from: hilariousandco on March 24, 2018, 12:46:30 PM

2fa is enabled in essence because when someone tries to hack and take access of your account you can lock it via the link in the email you get if it wasn't you. The issue is is that most people complaining in Meta are waiting for their accounts to be restored to them by an admin which isn't really happening. Better 2fa options will be available on the new forum but the email lock is probably as good as we're going to get on this one.

why not also add email confirmation (to old email address) when a user changes his email address?
wouldn't that prevent hackers from easily changing email address to take over an account?
this way, admins will be needed only if the user lost access to both forum accounts and email address
would this be available on the new forum?

Mail confirmation is quite a common practice nowadays, i would be quite surprised if it will not be there. Beside if the 2fa is going to be in the new forum you would need some confirmation for it as well.