Something up with Logins?


 Share

Recommended Posts

Went to Neowin like I usually do 10-15 times a day (hey, it's my favorite site on the Net) and I wasn't able to log in. Had to reset my password and everything. Any unusual stuff happening in this arena today? And yeah, I'm using Google Authenticator as an additional layer of security.

Link to comment
Share on other sites

15 hours ago, Unobscured Vision said:

Went to Neowin like I usually do 10-15 times a day (hey, it's my favorite site on the Net) and I wasn't able to log in. Had to reset my password and everything. Any unusual stuff happening in this arena today? And yeah, I'm using Google Authenticator as an additional layer of security.

i get this from time to time and also use Google authenticator for 2FA.

 

If you try on the main page it just goes round in a loop but does not ask for your code. however, if you click the signup link then click log in as regged user it prompts you for the code after entering your username/pwd.

 

Link to comment
Share on other sites

1 hour ago, Mando said:

i get this from time to time and also use Google authenticator for 2FA.

 

If you try on the main page it just goes round in a loop but does not ask for your code. however, if you click the signup link then click log in as regged user it prompts you for the code after entering your username/pwd.

 

I had to turn off 2FA because of that annoyance. Works like poo, it does. 

  • Like 2
Link to comment
Share on other sites

7 minutes ago, adrynalyne said:

I had to turn off 2FA because of that annoyance. Works like poo, it does. 

Get Google Prompt.

Link to comment
Share on other sites

27 minutes ago, adrynalyne said:

I had to turn off 2FA because of that annoyance. Works like poo, it does. 

I agree, it is annoying that you cannot login to Neowin from the main page if you have 2FA enabled. You have to login via the forums.

Link to comment
Share on other sites

9 minutes ago, Circaflex said:

I agree, it is annoying that you cannot login to Neowin from the main page if you have 2FA enabled. You have to login via the forums.

i only ever remember after about 10 attempts as i infrequently delete my web history in chrome....allowing chrome to remember my pwds and sync across my devices....eventually the penny drops and i remember the reason heheh, a small price to pay once in a blue moon.

Link to comment
Share on other sites

BUGGER. I will make a bug about this, the login experience should be the same as the forums.

6 minutes ago, Mando said:

i only ever remember after about 10 attempts as i infrequently delete my web history in chrome....allowing chrome to remember my pwds and sync across my devices....eventually the penny drops and i remember the reason heheh, a small price to pay once in a blue moon.

 

Link to comment
Share on other sites

58 minutes ago, Steven P. said:

Get Google Prompt.

I don’t use my phone for anything 2FA if I don’t have to.  On top of that I don’t use my google account here. 

21 minutes ago, Steven P. said:

BUGGER. I will make a bug about this, the login experience should be the same as the forums.

 

Thank you. Maybe add support for OTP too? :D  Pretty please?

Link to comment
Share on other sites

50 minutes ago, adrynalyne said:

Thank you. Maybe add support for OTP too? :D  Pretty please?

Well that should already work though with the Remember me option, in combination with allowing Neowin cookies.

Link to comment
Share on other sites

I just want to know why one would use 2FA for Neowin. A little over kill anyone? I just use 2FA for important stuff like email, banking, etc.

Link to comment
Share on other sites

20 minutes ago, oldtimefighter said:

I just want to know why one would use 2FA for Neowin. A little over kill anyone? I just use 2FA for important stuff like email, banking, etc.

I don’t want someone impersonating me for anything. So I go max security when possible. 

  • Like 2
Link to comment
Share on other sites

18 minutes ago, adrynalyne said:

I don’t want someone impersonating me for anything. So I go max security when possible. 

Yeah, I can care less if someone stole my Neowin account. I would probably be more popular around here. LOL

 

On an unrelated note, you indicted you use this identity other places so I looked up your username and checked out your Twitter account... You are much more anti-Apple there than I have ever noticed you being here. 

Link to comment
Share on other sites

45 minutes ago, oldtimefighter said:

Yeah, I can care less if someone stole my Neowin account. I would probably be more popular around here. LOL

 

On an unrelated note, you indicted you use this identity other places so I looked up your username and checked out your Twitter account... You are much more anti-Apple there than I have ever noticed you being here. 

I’ve softened up over the years regarding Apple since I started mobile app development on the platform. ;) I used to be massively diehard Android. These days I just don’t care anymore. 

  • Like 2
Link to comment
Share on other sites

2 hours ago, Steven P. said:

BUGGER. I will make a bug about this, the login experience should be the same as the forums.

 

ill double check the detail later tonight mate, i log in using a hotmail address, aka legacy login with 2FA via google authenticator.

happy to submit a bug report.

Link to comment
Share on other sites

51 minutes ago, oldtimefighter said:

Yeah, I can care less if someone stole my Neowin account. I would probably be more popular around here. LOL

 

On an unrelated note, you indicted you use this identity other places so I looked up your username and checked out your Twitter account... You are much more anti-Apple there than I have ever noticed you being here. 

aww fighter, I value you, and our healthy debates mate :) same with Adrynalyne. I appreciate both your matter of factness, a spades a spade with both of you. I value that in people.

 

i use 2FA on anything i can, regardless of value, id rather keep my logins and accounts secure, regardless of criticality, and tbh ive been with Neowin longer than any other site. Probably due to my line of work i take pride in keeping my data and my accounts as secure as they can be.

  • Like 1
Link to comment
Share on other sites

LOL would you believe it, its working perfectly fine now :D 

 

ok the issue WAS 

on main page, if logged out, clicking "sign in" would ask for my creds, id enter them click sign in...then page would refresh and go back to "sign in stage" no authenticator prompt would display. however if i went to the forums login page, the authenticator prompt would show and it would allow login.

 

 

 

 

 

Link to comment
Share on other sites

2FA for something like neowin is just waste of time if you ask me.. As mentioned this is not a bank site or your email account that is used for recovery of website, etc... Use a unique secure password and you should be fine.  My neowin password is 20 character random.. Why should I also need 2FA?

 

And you do understand that if someone really wants your neowin account, what 2FA are you using?  Its it based upon SMS.. If so that was deprecated awhile ago as it is no longer considered secure.

https://pages.nist.gov/800-63-3/sp800-63b.html

 

I am on neowin too much to have to deal with 2FA every time I login ;)

 

Just my 2 cents, comes down to how tight your tin foil hat is and what other security practices you take.. While I agree with MFA depending on what your logging into - when it fails it sucks, and using it can be PITA.. For something like a forum site it just seems a bit over the top if you ask me.

 

A few years back the login in wasn't even via ssl.. I had brought this up back in 2013

 

 

Link to comment
Share on other sites

2 hours ago, BudMan said:

2FA for something like neowin is just waste of time if you ask me.. As mentioned this is not a bank site or your email account that is used for recovery of website, etc... Use a unique secure password and you should be fine.  My neowin password is 20 character random.. Why should I also need 2FA?

 

And you do understand that if someone really wants your neowin account, what 2FA are you using?  Its it based upon SMS.. If so that was deprecated awhile ago as it is no longer considered secure.

https://pages.nist.gov/800-63-3/sp800-63b.html

 

I am on neowin too much to have to deal with 2FA every time I login ;)

 

Just my 2 cents, comes down to how tight your tin foil hat is and what other security practices you take.. While I agree with MFA depending on what your logging into - when it fails it sucks, and using it can be PITA.. For something like a forum site it just seems a bit over the top if you ask me.

 

A few years back the login in wasn't even via ssl.. I had brought this up back in 2013

 

 

i only ever need to use google authenticator 2FA for neowin whenever i delete my browsing history and cookies on home desktop and work laptop, nobody gets to log in my win profiles on either, so its once every couple of months max i need to do it. I saw it was avail so thought what the heck. :) 

Link to comment
Share on other sites

This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.