New Two Step Login?

[Cameramonkey]

The most important question, Will this keep *.gov out?

its already being crawled daily by google. They dont need in.

 

[actaeon277]

You didn't try to log in this morning did you? Wasn't an option then. Texkev turned it off a little after noon.

And now, it's off.

 

[DoggyDaddy]

And now, it's off.

Correct.

 

[actaeon277]

Of course it's correct.
I'm here.

 

[littletommy]

He asked about cash. I think there's some confusion on the matter of if you take cash or not. So, do you?

See, that's what I never liked about him! He just can't give a straight answer!

 

[DoggyDaddy]

Of course it's correct.
I'm here.

But it wasn't when 42769vette tried logging in...

 

[cobber]

Just logged in without 2FA. How did that happen?

 

[DoggyDaddy]

Just logged in without 2FA. How did that happen?

It's turned off. Scroll back... Texkev turned it off this afternoon.

 

[KG1]

Ive been trying to get my phone logged in all day. All I can get it

"oops! We ran into some problems"

"The two-step verification value could not be confirmed. Please try again"

This is going to get real old, real quick.

This happened to me when I tried to login on my cell phone a little while ago supposedly after Texkev disabled it.. It eventually worked though after numerous attempts.

 

[42769vette]

This happened to me when I tried to login on my cell phone a little while ago supposedly after Texkev disabled it.. It eventually worked though after numerous attempts.

I just got the 2 step to work (probably 40 tries)

Now to figure out how to disable it.

 

[DoggyDaddy]

I just got the 2 step to work (probably 40 tries)

Now to figure out how to disable it.

Start here...

The OSUT #223 looking towards fall

Straight from the horse's mouth... https://www.indianagunowners.com/threads/2-factor-auth-turned-off.511745/ Thanks for the info DD !

www.indianagunowners.com

There's pictures and everything!

I will say this... INGO seemed busier today than it's been in a long time! I wonder how much was related to the 2FA stuff.

If so, then @texkev is pretty sly!

 

[BugI02]

It's off, because I'm here, and I haven't used the 2 step auth.

If you enabled it during the time it was required, you are still required to enter the code unless you disable it (I assume, I have not tested this because I expect we'll be revisiting the 'solution')

I still don't know why someone in authority will not state 'in the clear' that INGO has not had a breach, unless ...

 

[BugI02]

The most important question, Will this keep *.gov out?

Not if you enable a google app in order to have google store your password as well as link your cell # or email to your INGO account

Not much daylight between google and .gov

 

[Bugzilla]

I'm back on but I have no idea how I did it. Pure dumb luck I guess.
It took 8 or 10 tries so I don't know what worked and doubt I could repeat it.

Same here. Tried a few times. Then I go to download the app and could not get in because I couldn’t remember the password. Go to reset the password and did not download the app and realized I could get in. So after all the frustration all is good for now!

 

[chezuki]

Not if you enable a google app in order to have google store your password

That’s not how it works.

 

[foszoe]

If you enabled it during the time it was required, you are still required to enter the code unless you disable it (I assume, I have not tested this because I expect we'll be revisiting the 'solution')

I still don't know why someone in authority will not state 'in the clear' that INGO has not had a breach, unless ...

I agree with Bug.


I did feel a slight pang because of this.

 

[marvin02]

I still don't know why someone in authority will not state 'in the clear' that INGO has not had a breach, unless ...

It's possible they don't know how the scammers got access to the accounts. Many people use the same passwords and email accounts on multiple sites, so a breach on another forum could lead to the scammers getting access to multiple accounts on multiple forums (and other places). The user data file could have been accessed without anyone here knowing.

The scammers appeared to be using accounts that had not logged on in a while. Does this indicate they had a choice of accounts to use?

Did the scammers buy the info from hackers?

Probably won't ever know for sure.

You need to assume that no site is completely secure.

 

[jsx1043]

The most important question, Will this keep *.gov out?

Not if people use Google Authenticator

 

[jkaetz]

Not if people use Google Authenticator

?

GA and other authenticators are time + key based generators. They should produce the same number with the same key or else the server wouldn't know if it was the right number or not. Our are you thinking that GA would give away the keys?

The .gov and other alphabet agencies won't care either way IMO.

 

[jsx1043]

?

GA and other authenticators are time + key based generators. They should produce the same number with the same key or else the server wouldn't know if it was the right number or not. Our are you thinking that GA would give away the keys?

The .gov and other alphabet agencies won't care either way IMO.

Let’s just call it that I don’t have an inkling to trust anything Google, Alphabet or Facebook when it comes to security.