2 Factor Authentication

[77T]

Quote:

Originally Posted by Lol-x

At this time existing users who have the 2FA activated can continue to use it. However, new users seeking to activate 2FA will not be able to do so.

I am working now to find an alternative 2FA solution....

Much luck Steve - no rest for the weary, sorry.

The solution via Google Authenticator has been fine from my end - was this the alternate QR provider that had problems?

There may be a solution in this GitHub resource. https://github.com/MincDev/php-2-factor-authentication

Just sharing in spirit of teamwork.

Sent from my iPhone using Tapatalk Pro

[Lol-x]

Thanks Paul, I'll check it out.
Looks like Google has taken the API offline, I can maybe try reaching out to them and asking them to re-activate the https://chart.googleapis.com/chart - API URL.

If anyone has a contact at Google that may be helpful....

[train-time]

I have been getting the 2FA message for the last week or so every time I try to login. Nothing new here, no new phone, new computer, ISP provider is the same one for the last 20 years. Modem and router haven't changed in years. Just a royal PIA. Time to turn off the 2FA.

[Old Geezer]

I updated my home network and the wi-fi name was changed. I had to deactivate 2FA to log in to TRF and experienced the same issues as others unable to generate a QR code to re-enable 2FA.
I'm very careful safeguarding my credentials but in this age of security hacks at every turn, especially on public wi-fi networks, I'm feeling pretty vulnerable as far as my TRF account goes.

[Lol-x]

There's a problem with Google not supporting 2FA by supplying an image at the moment. Maybe Google is doing this for a good reason.

Just make sure you never click on links sent to you in emails or Personal Messages which take you to a fake website and ask you to log in to see information/photographs or respond to a message.

As long as you exercise care as described above you will be fine.

[Old Geezer]

Thanks for responding Steve. I'm very careful and never click on links, especially when something is unsolicited like pm's, text messages, emails.

[Lol-x]

This is a new password option from Google:

Passkeys created in Google Password Manager now work across your computers and Android devices.

Passkeys let you securely sign in to apps and websites with facial recognition, your fingerprint, or screen lock.

Create passkeys with Google Password Manager from your Android, ChromeOS, macOS, Windows and Linux devices.

Set up a Google Password Manager PIN to ensure your passkeys are end-to-end encrypted and can’t be accessed by anyone, not even Google.

Use your Google Password Manager PIN or your Android device screen lock to access passkeys across your devices.

https://www.google.com/account/about/passkeys/

Passkeys are an easier and a more secure alternative to passwords. They let you sign in with just your fingerprint, face scan or screen lock.

Unlike passwords, passkeys can only exist on your devices. They can't be written down or accidentally given to a bad actor. When you use a passkey to sign in it proves that you have access to your device and are able to unlock it.