Enabling two factor authentication (2FA)

Enabling two factor authentication (2FA)

Two factor authentication or 2FA is a more secure method of authentication.

A password is something you know (1 factor); while 2FA is something you know and something you have. In this case, the password is something you know and your phone is something you have. In fact you are probably familiar with two factor authentication already if you use online banking. It’s the little code that you get sent via SMS and need to enter back into the website to authorise some action.

While it’s not too crazy hard to steal a password from an unsuspecting online user in some way, it’s a lot harder to do both, steal their password and get access to their phone.

Why do I need this?

For one, this is a mandatory requirement for all moderators, to keep your data and their accounts secure. As for other users, the more you post and contribute to the forum the more ‘trust’ you earn. Once the trust is high enough, you will automatically have access to private threads that are not visible or accessible by other users. We take your data security pretty freaking seriously, so we suggest you enable two-factor authentication on your forum account, to protect your private data and other users who may be posting a lot more personal data and stories in private threads.

So! How?

Prerequisites:
Make sure you are logged in to the forum.

Step 1:
Install Google Authenticator app on your phone.

• Google Play (Google app marketplace)
• iTunes (Apple app marketplace)

Rather than sending SMS, this application will generate and change codes over time. This code will be required to login to the website. You won’t need to do it every time you visit the forum, but you will need to add a code when you login from a different device.

2018-09-14_22-36-03.png318×568 55.9 KB

We will sync this application to the forum in later steps.

Step 3:
Click on your avatar (profile icon) and then on the settings button.

2018-09-14_21-40-11.png999×219 27.2 KB

Step 4:
Click the 2FA edit button, just under the ‘password’ area.

2018-09-14_21-41-14.png782×605 98.9 KB

Step 5:
Enter your password and click ‘continue’.

2018-09-14_21-42-01.png782×530 83.7 KB

Step 6:
On your phone, start the Google Authenticator app and scan the QR code on the screen (#1).

2018-09-14_21-42-24.png636×799 89.3 KB

N.B.
If you are using your phone to do this – you can click the ‘enter manually’ link instead, but it’s a lot of typing. I would do it from a PC or using two separate phones, to be able to scan the screen.

Step 7:
You phone will show you a code – enter that code into the code field (#2) and click the ‘enable’ (#2) button.

2018-09-14_21-42-24.png636×799 89.3 KB

You are done. You can test this out by logging out and back in. You will be prompted for a code.

Optional steps
Step 8: Backup

It may be that your phone is broken or unavailable, in this case, you can pre-generate some codes for later use. These are one use codes, so once you use one, you won’t be able to use it again.

To get backup codes, navigate to your profile settings and click the ‘Enable backup codes’ edit button.

2018-09-14_22-05-50.png655×616 82.7 KB

Step 9:
Copy the codes to a text file and save them somewhere. Preferably printed and not on your computer.

2018-09-14_21-44-27.png629×880 104 KB

You are done with backups.

New phone and now I am confused!
Will take me a while to set this back up on my phone and flat out with prep for Beer Fest on NYE so I’ll just check in from desk top from time to time…

this is the same boat iv’e been in mate!

If only we had someone on the forum who was IT/tech savvy that could help you gents out.

I will address this separately, however this is why you should have a copy of your 2FA backup codes!

I’ll get around to it, just don’t have time to scratch myself at the moment.

It literally takes 3 minutes. You have time to take a crap, use it efficiently.

How the fuck do you back up a code that changes every 2 minutes?

Nope… Any spare time is not playing with tech… Hopefully it eases up after tomorrow… 7000 odd people expected at this festival… Hopefully most of them want a beer or two…

There are codes that you can backup for emergency.

After you enable 2FA, take a look in your profile, just under the ‘Password’ option. You’ll see ‘enable backup codes’. You’ll need to save them separately.

Okies, as soon as you can please and good luck with the event.