Important A Message From The Boot!

[LordSunhawk]

I know there's been a sticky about pending upgrades for a while now. We have spun up a private test environment where we are testing to ensure that the upgrade will be seamless for all of our users. Once we are confident that we can safely perform the upgrade to the latest version of Xenforo, along with installing new functionality in regards to media and following content, we will roll it out. We'd rather take more time now making sure we're doing this right than rush it and have to scramble to pick up the pieces.

Several things that I am considering for the future.

A - Requiring 2-factor authentication for all accounts.
Currently all staff members are required to use 2FA, requiring 2FA universally will significantly improve security for our users, making it far more difficult for bad actors to take control of or view private account information.

B - Investigate improving the post editor
Currently our post editor and Google Docs don't much like each other, we will be investigating to see if we can find any solutions. In addition, the integrated spell check function on the post editor is, well, poor at best.

Note that these are under consideration, they are not guaranteed to happen, they are not set in stone, and plans are 100% subject to change. Please keep that in mind!

 

[The Immortal Watch Dog]

Not to clutter up your thread, but I don't trust your staff with my personal information. If your two form authentication requires me to provide a phone number, I'll either find a way to use a burner or delete my account.

I understand your concerns, but much of the new bosses are to me, the same as the old ones and I'll not be handing people the means to making doxxing easier.

A security key or someshit would be cool..though

B, would be awesome.

Grazi

 

[LordSunhawk]

It won't require a phone number, just the email address you already registered with.

 

[The Immortal Watch Dog]

It won't require a phone number, just the email address you already registered with.

Cool!

Yeah given recent events it's probably better.

 

[S'task]

Not to clutter up your thread, but I don't trust your staff with my personal information. If your two form authentication requires me to provide a phone number, I'll either find a way to use a burner or delete my account.

I understand your concerns, but much of the new bosses are to me, the same as the old ones and I'll not be handing people the means to making doxxing easier.

A security key or someshit would be cool..though

B, would be awesome.

Grazi

There's a two different options to configure 2FA. You can set it up with your email address, as Sunhawk has indicated. Another method is to download an app for your smartphone that handles generating 2fa keys like Authy and linking it to your TS account. I personally prefer the second as it is more secure than emails, since an email account can be compromised whereas even if my phone is somehow stolen, I have a lock on it, and if THAT is broken, my 2FA program itself requires a passkey to be able to see the 2fa codes, so there's multiple layers of security there...

Anyway, even if we don't implement any of these changes, I strongly suggest folks get 2fa on their accounts. It greatly increases your personal security and gives considerable peace of mind.

 

[Jormungandr]

I wouldn't use the phone 2FA method for various reasons (frankly, while good for security, they're a complete pain in the ass, and I hate using them as a mandatory measure on crypto-exchanges), but I wholeheartedly support the e-mail 2FA.