sl75
Posts: 2,092
Likes: 1,245
|
Post by sl75 on Jan 17, 2019 16:24:28 GMT
I've attached an image of the setting on the user profile. It only explicitly refers to "this device". Being able to enable it for any device would effectively circumvent the additional security of 2FA for the 30 day window. Ok. I'd normally expect that kind of setting to be duplicated on the actual page where the second stage of the login process occurs, as a "don't ask me again"-type checkbox. I certainly wouldn't expect to need to dig for it there every time I log on after restarting my browser (which clears all cookies).
Didn't the people who'd been beta-testing this so far pick up on such a deficiency?
|
|
|
Post by hammertime on Jan 17, 2019 16:31:02 GMT
Welcome to the world of A/c
|
|
|
Post by Ace on Jan 17, 2019 16:31:25 GMT
Ace - it was deemed necessary to seek explicit opt-out on each device on each time you wished to defer 2FA on login. I've not yet seen the UI, as (at least while it's simple to do so) I've been resisting the change on principle.
Given your description of this as a setting that applies to a specific device, I assume the UI looks something like a tickbox like "[ ] don't ask me again for 30 days" on the 2FA page.
A setting on the User Profile page would quite rightly be expected to be stored on the website's database and apply to all devices.
I'm afraid it's a mixture of the two sl75 . The tickbox is on the user profile page. The text essentially says: don't bother me with 2FA for a while on "this" device. It really does seem like the wrong place to me. A better solution would be for the tickbox on the profile page to say "Ask me if I want to be presented with reduced 2FA pestering each time i authorise with Authy". Then, each time I successfully authorize via Authy, a pop-up should say "Would you like to reduce the frequency of 2FA requests on THIS device?". This solution would make much more logical sense to me, and I would be able to reduce 2FA requests on my multiple personal devices and not reduce them on public devices. What do you think chris ? This is my last attempt to influence what I feel would be a positive change on this issue. I promise not to bleat on if you reject it 😉 EDIT: Crossed with many above while I was contemplating my response.
|
|
|
Post by chris on Jan 17, 2019 17:28:43 GMT
Ace - I agree with you. This is a bit of a mistake when the push service was implemented (so you don't type in the numeric code when using the app). Historically, and if you're not using the app, then there's a tick box under the box where you'd type the authorisation code in. The push version is missing that. We'll get it added back in the next couple of weeks. The tick box in the profile section is there for convenience if you didn't tick the box on log in.
|
|
lara
Posts: 345
Likes: 300
|
Post by lara on Apr 16, 2019 16:52:09 GMT
It's been more than a month and nothing seems to have happened yet. chris , what's the latest on this please? It's been stuck getting the rest of the business to approve the process for a couple of edge cases, which is now running in to Christmas. It's now scheduled to go live in the second week of Jan. chris, why was this not implemented as planned?
|
|
|
Post by chris on Apr 16, 2019 19:24:42 GMT
It's been stuck getting the rest of the business to approve the process for a couple of edge cases, which is now running in to Christmas. It's now scheduled to go live in the second week of Jan. chris , why was this not implemented as planned? It was implemented but never set live as the rest of the business didn't have the time and resource to test it and sign it off. It's still planned for release soon but needs that vital UAT.
|
|
lara
Posts: 345
Likes: 300
|
Post by lara on Apr 17, 2019 10:51:36 GMT
chris , why was this not implemented as planned? It was implemented but never set live as the rest of the business didn't have the time and resource to test it and sign it off. It's still planned for release soon but needs that vital UAT. Thanks chris. Realistically, when are we looking at now?
|
|
|
Post by chris on Apr 17, 2019 10:54:14 GMT
Thanks chris . Realistically, when are we looking at now? I honestly don't know - it should be within the next couple of weeks, but it's not the first time I've been told that this is the case.
|
|
lara
Posts: 345
Likes: 300
|
Post by lara on Apr 17, 2019 10:56:31 GMT
Thanks chris . Realistically, when are we looking at now? I honestly don't know - it should be within the next couple of weeks, but it's not the first time I've been told that this is the case. I certainly won't hold you to it! Thanks!
|
|
|
Post by brettb on Apr 25, 2019 0:23:31 GMT
SMS's not sending again, they're a real hassle if you're overseas. It's the reason I'm winding down my Assetz account.
Edit: actually they are sending, but they're too slow too arrive or something. This is why we can't have nice things.
|
|
|
Post by chris on Apr 25, 2019 6:23:30 GMT
SMS's not sending again, they're a real hassle if you're overseas. It's the reason I'm winding down my Assetz account.
Edit: actually they are sending, but they're too slow too arrive or something. This is why we can't have nice things.
If you install the Authy app then you don't need a cell connection on your phone to provide 2FA. You can use push notifications over wifi if connected, or just manually type in the displayed code if your phone is completely without a connection.
|
|
|
Post by hammertime on Apr 25, 2019 8:49:05 GMT
SMS's not sending again, they're a real hassle if you're overseas. It's the reason I'm winding down my Assetz account.
Edit: actually they are sending, but they're too slow too arrive or something. This is why we can't have nice things.
Never had a problem with it cant see what all the fuss is about.
|
|
trium
Member of DD Central
Posts: 380
Likes: 298
|
Post by trium on Apr 25, 2019 17:55:00 GMT
SMS's not sending again, they're a real hassle if you're overseas. It's the reason I'm winding down my Assetz account.
Edit: actually they are sending, but they're too slow too arrive or something. This is why we can't have nice things.
Never had a problem with it cant see what all the fuss is about. Are you overseas?
|
|
|
Post by hammertime on Apr 26, 2019 9:08:54 GMT
Both still no probs.
|
|
lara
Posts: 345
Likes: 300
|
Post by lara on Apr 26, 2019 9:11:34 GMT
SMS's not sending again, they're a real hassle if you're overseas. It's the reason I'm winding down my Assetz account.
Edit: actually they are sending, but they're too slow too arrive or something. This is why we can't have nice things.
Never had a problem with it cant see what all the fuss is about. I hate to be the one to point out the obvious but just because you haven't had a problem, doesn't mean that others haven't.
|
|