Legacy Other Authentication

Status
Not open for further replies.
This suggestion has been closed. Votes are no longer accepted.
Yes, only about 1% of our members have enable this, so while very secure, it's only secure for a very few members.

I've noticed many websites using email verification codes instead. It works the same way except instead of the code being sent to a smart phone an email is sent with a code. The user checks their email address and enters the code to access their account. This way it can be enabled for everyone and members don't actually have to do anything to enable it.
 
That is only a secure option if the email itself is protected behind two-factor authentication, so all you're doing in that case is shifting the problem :p

It also introduces significant problems in the event that users email inboxes aren't working for whatever reason, where it will lead them to be unable to access their forum account. This is much more likely than their smartphones being unavailable.
 
That is only a secure option if the email itself is protected behind two-factor authentication, so all you're doing in that case is shifting the problem :p
It still adds some extra protection.

For example, if someone's forum account is hacked into, since the hacker has a different IP, they would be asked to verify via an email code. The hacker would have to gain access to the email also in order to use the forum account. I'm sure in many cases the victim might use the same password for both, but it would still provide security in many, if not, most cases, where the passwords are different.

The smartphone is still much better, but again only 1% of my members have enabled it. I would want to have both, the email by default and the smarthphone as optional for extra protection.

Hearing about how large corporations are hacked just about every week, I have zero confidence in vBulletin's security and quite honestly in any softwares security. I think double authentication is a must for all websites these days.
 
Status
Not open for further replies.
Back
Top