You think we should implement 2FA? - PLEASE READ & VOTE

2

Should we put this in and which version?

( 1 ) ( 50% ) Yes, put it in.
( 0 ) ( 0% ) No, its not needed.
( 1 ) ( 50% ) Use the Google Authentication version.
( 0 ) ( 0% ) Use the SMS version.
Fri Jun 01, 2018 2:10 am
Clan Leader
Top Dog
2630 Posts
coRpSE
Currently Offline
Offline

Most Played:
This week: 94.4hrs.
Total Played: 140hrs.
  
There is life outside of the game.
This is a new security system we are thinking of putting in so be sure to read and vote please.

For those of you that don't know what 2FA is, well, it stands for 2 Factor Authentication. Two Factor Authentication, also known as 2FA, two step verification or TFA (as an acronym), is an extra layer of security that is known as "multi factor authentication" that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know or have immediately to hand - such as a physical token.

Using a username and password together with a piece of information that only the user knows makes it harder for potential intruders to gain access and steal that person's data or identity.

What I have been talking to Lonestar about the past two days is about maybe implementing some sort of 2FA into the CMS, but the question is, which one. There are a couple of free ways that this can be done for the CMS.

  1. Google Authentication App
  2. SMS Text Message


The Google version would require you to have the app on your cellphone to be able to use it. The problem with that is if your phone is lost of damage, recovering is a bit harder to fix. The SMS text, if your phone gets lost or stolen, more and likely, you would just have to buy a new phone and you would still have the same number. The down fall to this method is that data rates may apply.

If we did go for the SMS way, there would be a field to fill in with your phone number and another option to select your carrier, (more and likely). The number will only be visible to you and no one else within the editing of your account information.

Both systems would only initiate if your connecting to the site from a unknown IP address, so if your connecting from a IP you used before, you wont need to authenticate. Do you think this is something we defiantly need to develop and put in, and if so, also vote on which one you think you would prefer that was built into the CMS.

I am posting this on Evo Xtremes site, and Lonestars site as well and will take a look at each sites results to determine what we should do.
Wed Jun 27, 2018 9:34 pm
NOOB!!!
11 Posts
BÉÄÚTÝ
Currently Offline
Offline

Most Played:
This week: 35.2hrs.
Total Played: 143hrs.
  
Is this your job?
2 - sms text message


Expand
Sig Done By 0079 To Request A Sig Go To :
Please login to see this link
Get registered or Log in
Forums ©