Two Factor Authentication

[red_rhino]

Personally, I don't find the Passkeys to be very convenient. I prefer to receive SMS to my phone. This works well with a google account, they always text me when I log in from a new location.

2FA via SMS has known vulnerabilities and exploits including SIM cloning, social engineering, and man-in-the-middle style attacks. While it's better than using a password alone, it's not as secure as using an authenticator. And IMO, it's even debatable that authenticators are less convenient than SMS. On TB, I only need to authenticate once every 30 days if I'm logging in from a known device, and for an unknown device, I literally glance at my iPhone and FaceID confirms my identity and sends the authentication code on my behalf.

All that said, if I was going to put that much effort into hacking someone's phone, I'd be going after their bank account or stock portfolio, not performing low-level scams on Talkbass. 2FA via authenticator makes your TB account way more trouble than it's worth.

 

[ctmullins]

Apparently it’s been thirty days for me, so I had to log in and MFA again today. Authy worked flawlessly on both devices.

 

[SteveC]

I have zero issue with this.

 

[amper]

My first 30 days came up today on my iPhone. I'm using Google Authenticator, only because I have it installed for other reasons. I'd honestly prefer to stop using Google anything.

 

[MJ5150]

Apparently it’s been thirty days for me, so I had to log in and MFA again today. Authy worked flawlessly on both devices.

Me too.

-Mike

 

[KellyC]

I think they're eventually going to require anyone who wants to sell in the classifieds to use the 2-factor authentication. A scammer has successfully hacked several well-respected seller accounts and published scam listings totaling tens of thousands of dollars over the past several months.

I don't know if any of them have been successful, but many of them have been ID'd and deleted, and the scammer has been refining his process to make them harder to recognize.

 

[CheckBass]

In both cases, your code will only need to be re-entered once every 30 days.

I have an issue: I have to enter a verification code everytime I want to log in.
Does anyone experience this as well?
What am I doing wrong?

 

[bobcruz]

I have an issue: I have to enter a verification code everytime I want to log in.
Does anyone experience this as well?
What am I doing wrong?

Your browser must be set to delete cookies when you close it...try putting in an exception for TalkBass.

 

[Type-55]

Not being super computer savvy I have a question, why can't the TB website issue a passcode like a bank, Paypal and other websites that alerts you that you have a code that pops up on the web site in use and you just click on it to paste it in? No more going to an extra app to get the code.
Any info is appreciated.