| I wonder if it is possible for the site to implement two-factor authentication? Just a thought since the brute force attacks. Mod Edit: Modified title for clarity and/or easier searching. |
TenshoOct 9, 2020 10:21 PM
| Allow us to have two factor authentication on the website. This can be implemented in the form of standard OTP or maybe some login verification on the mobile mal app. This would in turn help stop accounts getting hijacked. |
| I mean this site doesn't really need that imo, it's not like steam where you can have stuff you paid for hijacked. I don't think people would want to 'hack' accounts which only contains a list lol. If there's a reasonable need for this, name it. As if the long ass password isn't enough |
| I agree with you @TentacleMaster and @changelog_ I believe that there needs to be a 2FA on this service for the same reason y Facebook has 2FA. This is a social media site and it would be much welcome. And now with credit card implication (even if it is not logged) that makes me want it even more. It could be very easy as well with Google's very own 2FA thing. Because rn I don't want to put my credit card on here because it doesn't have 2FA. |
 |
EGOIST said: I mean this site doesn't really need that imo, it's not like steam where you can have stuff you paid for hijacked. I don't think people would want to 'hack' accounts which only contains a list lol. If there's a reasonable need for this, name it. As if the long ass password isn't enough I get your point but this is a social media site. There is a reason y Facebook, Twitter, Discord, and Instagram have 2FA support. I would say a simple implication of Google 2FA would be great. |
|
| The only issue I could see if you forget your 2FA code but that could be solved wth backup codes. |
| true but Google Authenticator just generates codes after a certain amount of time so u just need to check it when u need to log in |
|
C01IN01-BakaVaca said: Yep my bad would need to clarify, so if you lose the device with the authenticator there has to be a way to retrieve it and I suggested backup codes and a backup code you can save to authenticate if necessary. Or depending on security could restore by email but usually all sites that implement 2FA properly do not allow you to reset by email when you have 2FA active which is intended.true but Google Authenticator just generates codes after a certain amount of time so u just need to check it when u need to log in |
| Yeah just like what Discord does, just make sure you have a folder for all the txt documents with the backup codes and zip it up and put a password on it. (I believe anyone who sets up 2FA should always have a fail safe |
|
| 2FA should be everywhere as an optional plugin. |
| HELL NO! If this site wants me to verify my email every goddamn time just like discord I'll leave for AniList. This is an anime forum not a bank. |
 |
Lost_Viking said: HELL NO! If this site wants me to verify my email every goddamn time just like discord I'll leave for AniList. This is an anime forum not a bank. no no no not like that XD. It should be optional XD |
|
yuwib said: I hope this gets implemented +1 I agree, we should at least have the option to activate the 2FA, just like the other sites. |
 |
| Mandatory, no. Optional, yes. I would probably use it but I would like the option of not having to and it seems pointless to make it mandatory now considering it's not a new site. It would help some users if the site ever has a massive breach or force logout of everyone (again). |
 Just some guy who likes anime |
| i support this. |
| Didn't even realize MAL didn't have an option for 2fa til I saw this thread. How does a site this large not have 2fa? I also second this suggestion but I am quite certain it won't be added, much like every suggestion in suggestions. |
 |
| We need this very soon. |
| Signature removed. Please follow the signature rules, as defined in the Site & Forum Guidelines. |
| An Authy based 2FA system sounds neat. |
| Agreed 100%, this needs to be done. |
| A true man never dies. |
| So true, that would be a lot better!! |
 |
| yes, we need this. there should always be more ways to secure your accounts |
| this should be be there. while you are at it, make sure you arent still using MD5 hashes for passwords (without salts) or even worse plaintext! |
| I'm in support of this. |
   "No letter that could be sent deserves to go undelivered." - Violet Evergarden signature and forum avatar made by Memor! |
| I sign this. We should've such system in place already. |
''Enemies' gifts are no gifts and do no good.'' |
| Highly requesting this be added - its 2020... |
|
| if not the users then the moderators and staff really need this |
| the only thing the hackers would gain would be degenerate taste in hentai :dolanpls: seriously 2fa for an anime tracking website? lmao |
 |
| All I have are cringy forum posts and a list I can just transfer over within a minute so why bother? It's not like there's anything actually important tied to these accounts you can't recover in less than an hour. |
Fuck 2FA besides for staff.
Maybe enable it for people who want it. |
| My subjective reviews: katsureview.wordpress.com THE CHAT CLUB. |
katsucats said: Fuck 2FA besides for staff.
Maybe enable it for people who want it. If I require a phone to log in, I'm finding a new site. Straight up. |
katsucats said: Fuck 2FA besides for staff.
Maybe enable it for people who want it. I agree that it should be implemented for staff and optional for anyone else who wants it (but never required or "strongly encouraged" with obtrusive popups). |
 |
| yeah i agree, it needs one. this is one of my few profiles online that i dont want anything to happen to. |
 |
| I don't mind if its optional and through an app like freeOTP. If it's mandatory and uses SMS or proprietary authorization tool like Google Authenticator, then fuck it. I also don't think my anime list is important enough to be necessary to have 2fa. |
  |
Heldengeist said: I don't mind if its optional and through an app like freeOTP. If it's mandatory and uses SMS or proprietary authorization tool like Google Authenticator, then fuck it. I also don't think my anime list is important enough to be necessary to have 2fa. Second this. As long as it's an option and accounts that don't turn it on aren't restricted in any way, i'm fine with MAL implementing it. But i don't want to enter a code from e-mail every time i log in or share my phone number with MAL. |
| AnimeThemes.moe <- the largest collection of anime Openings & Endings on the Web AnimeMusicQuiz.com <- guess an anime from your list by it's Opening/Ending music browser game |
| I agree, there definitely needs to be a 2FA for MAL. |
 |
| As long as it's optional, I don't care. |
| Heck, I'm surprised MAL still doesn't have a 2FA... |
| For an anime site? lol. |
 |
| I don't even know what 2FA is |
| خ |
| Duplicate threads merged. |
 |
More topics from this board
» @ sign spam/attackkuroneko99 - Apr 16 |
4 |
by traed
»»
Today, 9:50 AM |
|
» Add the option to change profile favorites picturesk1rb - Oct 21, 2022 |
20 |
by Astachanna
»»
Today, 9:05 AM |
|
» An "Anime Franchise" page_cjessop19_ - Today |
1 |
by Astachanna
»»
Today, 9:04 AM |
|
» Combining every season of an Anime?Dennisss - Apr 1, 2021 |
17 |
by _cjessop19_
»»
Today, 1:08 AM |
|
Poll: » Add list setting to make notes private (on public lists)S_h_a_r_k_93 - Nov 12, 2022 |
25 |
by anonymate
»»
Apr 24, 9:57 PM |