How To Create two-step log-in verification

MolokaiRider

MolokaiRider

Gold Member
Joined
Sep 13, 2017
Messages
8,628
Pretty easy...worth the few seconds to set it up, for your security and less gnashing of teeth later.

Click your avatar:
IMG_9770.jpeg
Click "Password and Security"
IMG_9771.jpeg
Click "Change"
IMG_9772.jpeg


Follow the rest of the prompts. I use email verification, which sends a code to your email.

Happy BladeForums surfing!

Aaaaaaaallloooohaaaaa!
 
MolokaiRider said:
Pretty easy...worth the few seconds to set it up, for your security and less gnashing of teeth later.

Click your avatar:
View attachment 2515481
Click "Password and Security"
View attachment 2515485
Click "Change"
View attachment 2515482


Follow the rest of the prompts. I use email verification, which sends a code to your email.

Happy BladeForums surfing!

Aaaaaaaallloooohaaaaa!
Click to expand...
So, what is 2 step Ver? in simple terms.

A couple years ago BCUSA encouraged it's members to, I did without knowing what to do or expect, and now it's a pain in thebutt to login there. I can from certain devices...Others I gave up trying. I think they keep making me redo my passwards, idk? Stopped going there becsue of 2 step.

I don't want to make the same mistake.
Will I have to relog in Every time with passwords that NEED to be changed every so often? :/
 
Crag the Brewer said:
So, what is 2 step Ver? in simple terms.

A couple years ago BCUSA encouraged it's members to, I did without knowing what to do or expect, and now it's a pain in thebutt to login there. I can from certain devices...Others I gave up trying. I think they keep making me redo my passwards, idk? Stopped going there becsue of 2 step.

I don't want to make the same mistake.
Will I have to relog in Every time with passwords that NEED to be changed every so often? :/
Click to expand...
It has no connection to your password and changes nothing there.

If you log on from a new device, you put in your password and a 2fa code. Every 30 days your login expires, and you do it again.

The 2fa code you get from your 2fa app of choice. Google authenticator is an option. Microsoft and others also have them.

You can keep using the same password. The 2fa code changes but is straight from your 2fa app so not something to memorize or need to know.

So the process is just:
1. Go to blade forums
2. Log in with your same username and password
3. The site prompts you for the 2fa code if it's been 30 days or it's the first time you have logged in from that device. You open Google Authenticator (or whatever app you choose) and copy whatever code it shows you for bladeforums.

So it is one more step than without it


The benefit is if someone gets your password (or you reuse it and they get it from another site being hacked, for example), you're still safe because they also need access to your phone and the 2fa app to log in from their device. The password alone does them no good.
 
Last edited:
Set up 2FAS here a long time ago and I don't understand why others haven't yet either. 🤷‍♂️

You need to download a 2FAS app (I use one called the 2FAS Authenticator) on your phone & authorize 2FAS for use w/BF.
Then you link BF to the app using a QC or other method offered by the app.

After that you log into BF as usual (w/user name & password) but then
BF will then prompt you to enter the 2FAS code # (which changes @ 30 secs) before the login will be completed.

I use 2FAS where ever offered by programs/apps/sites that I use.
 
Last edited:
kreole said:
It has no connection to your password and changes nothing there.

If you log on from a new device, you put in your password and a 2fa code. Every 30 days your login expires, and you do it again.

The 2fa code you get from your 2fa app of choice. Google authenticator is an option. Microsoft and others also have them.

You can keep using the same password. The 2fa code changes but is straight from your 2fa app so not something to memorize or need to know.

So the process is just:
1. Go to blade forums
2. Log in with your same username and password
3. The site prompts you for the 2fa code if it's been 30 days or it's the first time you have logged in from that device. You open Google Authenticator (or whatever app you choose) and copy whatever code it shows you for bladeforums.

So it is one more step than without it


The benefit is if someone gets your password (or you reuse it and they get it from another site being hacked, for example), you're still safe because they also need access to your phone and the 2fa app to log in from their device. The password alone does them no good.
Click to expand...
Ok, thank You, this is helping....

So if a person uses multiple devices, Each one gets relogged into each month?

I belive i had mine emailed to me? previously at the Other forum...... does that sound right? I don't like adding apps all the time, when I don't HAVE to.

I'm older.... from a generation when memory was Something. and had to delete a hundred pictures of clowns that Microsoft would hide on our desktops just to eat up harddrive space HaHa. Seriously.
 
Crag the Brewer said:
Ok, thank You, this is helping....

So if a person uses multiple devices, Each one gets relogged into each month?

I belive i had mine emailed to me? previously at the Other forum...... does that sound right? I don't like adding apps all the time, when I don't HAVE to.

I'm older.... from a generation when memory was Something. and had to delete a hundred pictures of clowns that Microsoft would hide on our desktops just to eat up harddrive space HaHa. Seriously.
Click to expand...
Correct, each device gets reloaded into each month, each a separate 30 day timer.

It could be right you got emailed a code somewhere else. Sometimes places will do a text or an email with the code instead of using an app. The benefit of the app is, say you use the same password everywhere. Well then emailing the code is no more secure because the hacker can use your email to check your mail for the code as well.

Another benefit is it's just quicker to not have to wait for the code to be sent to you. Not sure if you've had this experience, but sometimes with email or text I've had to wait a few minutes to get the dang thing. The app has the code for you as soon as you can open it.

Out of curiosity I just pulled up my phone storage. I haven't been using it to long, just about a year, but have had Google Authenticator from the start. It is taking up 28mb of storage--so not much of anything, less than photos these days. I have about 20 accounts using it if that matters. I'm with you with not installing individual apps for everything (especially stuff that I can access from the browser), but this one has been worth it.
 
Crag the Brewer said:
Ok, thank You, this is helping....

So if a person uses multiple devices, Each one gets relogged into each month?

I belive i had mine emailed to me? previously at the Other forum...... does that sound right? I don't like adding apps all the time, when I don't HAVE to.

I'm older.... from a generation when memory was Something. and had to delete a hundred pictures of clowns that Microsoft would hide on our desktops just to eat up harddrive space HaHa. Seriously.
Click to expand...
I don't use the app and get my code by email
 
sgt1372 said:
Set up 2FAS here a long time ago and I don't understand why others haven't yet either. 🤷‍♂️

You need to download a 2FAS app (I use one called the 2FAS Authenticator) on your phone & authorize 2FAS for use w/BF.
Then you link BF to the app using a QC or other method offered by the app.

After that you log into BF as usual (w/user name & password) but then
BF will then prompt you to enter the 2FAS code # (which changes @ 30 secs) before the login will be completed.

I use 2FAS where ever offered by programs/apps/sites that I use.
Click to expand...

I didn’t need to download anything additional, it’s built into the site software just like the first post shows. When my 2FA resets while browsing the forum, I chose to get a code sent to my phone that I enter into BF and it signs me back in. It’s pretty damn easy to get set up.
 
word of warning though, if you no longer have access to your authenticator, you walk away from the forums for lets say, a couple years and forget what authenticator was used, etc. And you have no clue where those codes they give you are when you first set up two factor authentication with an app, well, your out of luck. And you can't reuse your old email as the previous profile still has that email, so you can reset the password till your blue in the face but without the authenticator app, you can't get back into your own/old account.
 
^^^^^
You can avoid much of any such authenticator drama by using "authy". You have the option to have it loaded on more than one device, and to be able to retrieve the data if installing on a new device...which used to be one of my fears.

I've been using it happily for some time.
 
Maybe a dumb question, but if I enable 2fa and opt for emailed codes, can I switch to an app later?

Thanks for this thread. :thumbsup:
 
Blue Sky said:
Maybe a dumb question, but if I enable 2fa and opt for emailed codes, can I switch to an app later?

Thanks for this thread. :thumbsup:
Click to expand...
Not a dumb question at all. And I don't specifically know the answer...but...

My guess is that you'd do the following. Turn off 2FA via your control panel...in the same place you enabled it. Then once you turn on the option again, choose the app as the option you wish to use and follow the steps from there.

I'm pretty sure we'd be able to get it sorted via the boss if it were problematic...but my educated guess is that you shouldn't be locked into the original method.
 
You must log in or register to reply here.
Back
Top