Go | New | Find | Notify | Tools | Reply | |
Member |
Mother fracking 2-factor authentication! I understand the security risks and the benefits. I'm actually happy to have the extra security on this account, as it's a pretty important account and if it was compromised it would be really damn inconvenient for me. That brings us to my rant. FOR THE LOVE OF GOD, IF YOU'RE GOING TO REQUIRE TWO-FACTOR AUTHENTICATON, IMPLEMENT IT SO IT ACTUALLY WORKS!!!!!! I've been trying to log in all morning. I've asked to be sent a one-time login pin FIVE times now via SMS and two different email addresses I have registered. Each pin comes with a 10 minute time limit after which it will cease working. Want to guess how many of those pins have arrived within that 10 minute limit? If you guessed 0 you would be a winner! Fastest one yet came in at 12 minutes, but that's just not gonna work for me. The longest was ~37 minutes and the SMS pins never arrived at all. Now, you're telling me my password has been suspended because I've had too many failed log in attempts? Screw you, I know my login info. The only reason there was more than one attempt to log in in the first place is because the shitty two-factor authentication you require DOESN'T ACTUALLY WORK!!! Two factor authentication has been around forever and nobody else has a problem with it, so fix your shit. "The people hate the lizards and the lizards rule the people." "Odd," said Arthur, "I thought you said it was a democracy." "I did," said Ford, "it is." "So," said Arthur, hoping he wasn't sounding ridiculously obtuse, "why don't the people get rid of the lizards?" "It honestly doesn't occur to them. They've all got the vote, so they all pretty much assume that the government they've voted in more or less approximates the government they want." "You mean they actually vote for the lizards." "Oh yes," said Ford with a shrug, "of course." "But," said Arthur, going for the big one again, "why?" "Because if they didn't vote for a lizard, then the wrong lizard might get in." | ||
|
always with a hat or sunscreen |
Yikes! I routinely get mine via text message in well under a minute. Some offer phone calls too although I've never used that mode. Is this isolated to just one account? Or many which would indicate a phone carrier issue? Certifiable member of the gun toting, septuagenarian, bucket list workin', crazed retiree, bald is beautiful club! USN (RET), COTEP #192 | |||
|
Nullus Anxietas |
So what entity is this with the broken 2FA? "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
| Thank you Very little  |
I've had that happen, even one company that after two weeks still hasn't sent the password reset request email.... some take their time. | |||
|
Member |
We've implemented 2 separate 2FA setups at work. 1 for remote access/VPN users & another for Office365. Large proportion of users would see the setup instructions for 1 & try to use them on the other. And, to makes it worse, a lot of our users don't have a company computer, so we have to hand-hold & walk them through it. Perspective, from the other side. The Enemy's gate is down. | |||
|
His Royal Hiney |
I don't like needing to get an sms text as 2FA. I like Amazon that uses a 2FA authenticator and my password manager automatically puts the authenticating number for me. "It did not really matter what we expected from life, but rather what life expected from us. We needed to stop asking about the meaning of life, and instead to think of ourselves as those who were being questioned by life – daily and hourly. Our answer must consist not in talk and meditation, but in right action and in right conduct. Life ultimately means taking the responsibility to find the right answer to its problems and to fulfill the tasks which it constantly sets for each individual." Viktor Frankl, Man's Search for Meaning, 1946. | |||
|
| Member |
We use Google Authenticator for VPN 2FA, and O365 2FA is a 1 & done code. The Enemy's gate is down. | |||
|
| Member |
One account. Same issue over my cellular and work wired network.
Work payroll website.
Yeah, I understand that. I'm about 100% sure this one isn't me because it works, it's just too slow. I'll be on the phone with support for either a hand holding or gripe session later this afternoon anyway though.
I would prefer something like that as well. 15 years ago I had an account with a separate authenticator. Log in, press the button, and type in the code it gave you. It worked great, but wasn't really practical as it was a separate device you had to carry around with all of those disadvantages. "The people hate the lizards and the lizards rule the people." "Odd," said Arthur, "I thought you said it was a democracy." "I did," said Ford, "it is." "So," said Arthur, hoping he wasn't sounding ridiculously obtuse, "why don't the people get rid of the lizards?" "It honestly doesn't occur to them. They've all got the vote, so they all pretty much assume that the government they've voted in more or less approximates the government they want." "You mean they actually vote for the lizards." "Oh yes," said Ford with a shrug, "of course." "But," said Arthur, going for the big one again, "why?" "Because if they didn't vote for a lizard, then the wrong lizard might get in." | |||
|
I Deal In Lead |
I don't like 2FA at all. Annoying, occasional glitches, pain in the butt. I'd just drop it altogether if I could. | |||
|
| Nullus Anxietas |
I don't like 2FA, either, but, if you ran any Internet-facing servers and saw the intensity of attacks against them, you might not hate it quite so much. The big problem with SMS-based 2FA is SMS/MMS has no guarantee of delivery time--or delivery at all. The wireless providers really need to step up their game in this respect. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
| His diet consists of black coffee, and sarcasm.  |
If I'm understanding what this is correctly, I dumped a big bank over it. I logged into my account and got the message that there was something different about my login (I've had this computer for nine years) and they needed to send me an access code. I opted to have it e-mailed. They sent me the e-mail, but there was no code in it. That was the last straw. I closed the account on my next day off and moved to a local credit union. The most they do is occasionally ask my security question(s). Chase Bank is fond of doing this as well, but I haven't had any such problems with them. | |||
|
| Thank you Very little |
Have to say that the majority (99%) of the 2FA SMS messages I get in a matter of seconds from the click, rarely more than a minute. Could be the provider (ATT) has a good system for SMS and location (large metro area). | |||
|
| Member |
^^^^^^^^^^^^^^^^ Never a problem. The email is immediate. I have this on over ten accounts and it has been succesful. I certainly prefer it over trying to answer stupid security questions. | |||
|
| It's pronounced just the way it's spelled |
I recently had to deal with this crap as well. I needed to digitally sign something (another colossally stupid idea), and they kept saying they would send me a 2 factor number by text, except it never got to me. No option for an email or answer questions. It took me 2 days to get this shit to work. | |||
|
Member |
Oh, I understand the need in this day and age, since so many crooks abound. But I too hate having to use it when it doesn’t work correctly. I had set up one for Audible, as I do enjoy listening to books quite a bit, and I don’t have a smart phone. Usually with other required authentications, I would get a text with a number. No, what they didn’t inform me was this would be a link to a web address to enter my authentication. Grrrr. My cell does have internet capability, but it’s horrible and takes forever. When I tried the link, it timed out each attempt. I had to call and promptly switch my authentication to email instead of phone. At least I got that fixed, but I would hate not getting the number within their allotted time frame. Hope you get yours finally fixed! | |||
|
| Powered by Social Strata |
 | Please Wait. Your request is being processed... |
|
© SIGforum 2024