Two-factor auth receiving codes on email/sms

Yorumlar

7 yorum

  • Draco
    That's basically E-mail verification when you login in a new location
    0
    Yorum işlemleri Permalink
  • mesub
    It would defeat the purpose of 2FA
    -2
    Yorum işlemleri Permalink
  • Ness
    I don't think that would be a good idea 🤔
    -2
    Yorum işlemleri Permalink
  • Kenai

    Discord is the only company I know about that doesn’t have this.

    -1
    Yorum işlemleri Permalink
  • ┻━┻︵╰(°□°)╯︵┻━┻

    Apparently my post about the same subject has been merged with this one so I'm just gonna leave my full opinion here as well.

       With the recent "threat" of the July 27th Discord Attack I believe we could use the option to authenticate via E-mail, even if they aren't serious or it's nothing to be too concerned about. Considering not all members actually have mobile devices to use these apps, yes not everyone has a phone/tablet/etc, to defend their accounts (Authentication apps are not downloadable on PC, at least not the reputable ones that I'd trust (i.e. Google/Microsoft/Authy) ) (Authy actually does have a desktop app but still REQUIRES a mobile phone number). I've got a few friends who are worried but can't put two-factor on their accounts due to a lack of a mobile device that can run an authenticator.

       If we could have an e-mail authentication option that would resolve the need for an authentication app for some users and should still remain very secure as long as the user's e-mail & discord passwords are different, which should be common sense. Additionally even if you can setup an authentication app they can easily result in the loss of an account should you lose/break your mobile device or uninstall without disabling authentication first. Meanwhile, your e-mail would still be available even if your mobile device was broken/lost and you could still access Discord somewhere else.

    Additionally E-mail authentication could be implemented as mandatory part of all Discord accounts, unless another form of 2FA was in use instead, then it should in theory solve many future security risks.

    If you agree with this idea please give it an up-vote, share a link to this page with your friends & Discord servers, and give any feedback so we can convince Discord to implement this feature.

    2
    Yorum işlemleri Permalink
  • ┻━┻︵╰(°□°)╯︵┻━┻

    @mesub
    No it's another option of 2FA for those who don't want to/cant' use a 2FA app.

    @Ness
    I truly believe we could only benefit from an E-mail 2FA option. Assuming the user has common sense to use different passwords on their Discord & E-mail this is a great option for extra security.

    0
    Yorum işlemleri Permalink
  • ┻━┻︵╰(°□°)╯︵┻━┻

    @Draco
    A friend actually pointed out last night that there is a requirement to E-mail verify when you log in from a new device/location, but I have NEVER had to do this in any of my log-in attempts from multiple devices since I joined Discord. I still think we need a E-mail 2FA system anytime you log-in, whenever you try to make a major change, or view you most private info on Discord. Not just for new sign-in locations/devices, and seeing as how I've never received a verification E-mail it may not currently be a reliable means to protect accounts at time and I still believe we need a full 2 Factor Authentication E-mail option.

    0
    Yorum işlemleri Permalink

Yorum yazmak için lütfen oturum açın.