Suggestion: 2-step verification

Status
Not open for further replies.

joemgap

Member
Messages
68
Reaction score
0
Points
6
Hello,

I want to suggest if possible that we may have the option to log in our account with 2-step verification using an "Authenticator" app, popularly the Google ones. For this can increase the security of our accounts with you. It doesn't have to be a mobile number but the use of an Authenticator app. I feel sorry to those who don't have smartphone. But please, x10Hosting, let us have this option.

I've seen this as a plugin for a WordPress self-hosted website so I presume that you can incorporate it as security measure option.

I'll look forward for the response of the x10Hosting team! Thank you very much!

Thank you!

Read more:
https://github.com/wstrange/GoogleAuth
http://stackoverflow.com/questions/5087005/google-authenticator-available-as-a-public-service
https://code.google.com/p/google-authenticator/
 
Last edited:

joemgap

Member
Messages
68
Reaction score
0
Points
6
Hello,

I want to suggest if possible that we may have the option to log in our account with 2-step verification using an "Authenticator" app, popularly the Google ones. For this can increase the security of our accounts with you. It doesn't have to be a mobile number but the use of an Authenticator app. I feel sorry to those who don't have smartphone. But please, x10Hosting, let us have this option.

I've seen this as a plugin for a WordPress self-hosted website so I presume that you can incorporate it as security measure option.

I'll look forward for the response of the x10Hosting team! Thank you very much!

Thank you!

Read more:
https://github.com/wstrange/GoogleAuth
http://stackoverflow.com/questions/5087005/google-authenticator-available-as-a-public-service
https://code.google.com/p/google-authenticator/
 
Last edited:

kenny9

Active Member
Messages
313
Reaction score
26
Points
28
I do not need someone that only has a "smart"phone for a life to feel sorry for me because I choose not to be tied to a telephone of any type.
 

bmccoy11

Member
Messages
101
Reaction score
6
Points
18
Hello,

I want to suggest if possible that we may have the option to log in our account with 2-step verification using an "Authenticator" app, popularly the Google ones. For this can increase the security of our accounts with you. I doesn't have to be a mobile number but the use of an Authenticator app. I feel sorry to those who don't have smartphone. But please, x10Hosting, let us have this option.

I've seen this as a plugin for a WordPress self-hosted website so I presume that you can incorporate it as security measure option.

I'll look forward for the response of the x10Hosting team! Thank you very much!

Thank you!

Read more:
https://github.com/wstrange/GoogleAuth
http://stackoverflow.com/questions/5087005/google-authenticator-available-as-a-public-service
https://code.google.com/p/google-authenticator/
Unfortunately, 2-step verification isn't as easy as it seems. x10Hosting would have to set up its own SMS service, and would require a lot of work.
 

joemgap

Member
Messages
68
Reaction score
0
Points
6
I'm not talking about the SMS service on it. We can use Google Authenticator method of just having secret code in-sync.
 

leafypiggy

Manager of Pens and Office Supplies
Staff member
Messages
3,819
Reaction score
163
Points
63
Hi,

We've been looking into something like this, however it's not really a priority.

You can create very secure passwords that even you don't know if you really need the security. Put your password behind two factor authentication like with LastPass or something similar.
 

essellar

Community Advocate
Community Support
Messages
3,295
Reaction score
227
Points
63
... and whatever you do, you are restricting access for a significant number of users, which kind of runs contrary to the aims of providing free hosting in the first place. If you want 2FA, go for it - on your own site or on your own server (VPS).
 

Livewire

Abuse Compliance Officer
Staff member
Messages
18,169
Reaction score
216
Points
63
Just to quick clarify here, OP doesn't say "required" for all users:

I want to suggest if possible that we may have the option to log in our account with 2-step verification using an "Authenticator" app

Assuming we do it (which would require a fair amount of setup and testing to ensure it properly interfaces with all levels of our system, likely including the forum itself), I'm sure it would be presented as an available option, similar to the authenticators Blizzard uses for its games - you can enable it, but you don't have to.

Juuuust making sure everyone caught that one specific word as it makes a huge difference :) I agree it shouldn't be forced upon all users (as noted, not all of us have smartphones, myself included), but I don't see any problem making it available to those who would like to use it, assuming we do decide to implement one.
 

joemgap

Member
Messages
68
Reaction score
0
Points
6
Livewire,

I'm grateful for clarifying up my very words said before.
Thanks for this positive response!
More power on you and the company, x10Hosting!
 

leafypiggy

Manager of Pens and Office Supplies
Staff member
Messages
3,819
Reaction score
163
Points
63
Lastpass is not vulnerable or insecure in any way.
 
Status
Not open for further replies.
Top