blog documentation FAQ followers forum marketplace services youtube

2 Factor Authentication

The Jamroom Network » Forum » Using Jamroom » Page » 2 Factor Authentication
SteveX
SteveX
@ultrajam
12 years ago
2,589 posts
A while back I enabled 2 Factor Authentication in my account tab, but didn't receive any email or anything to take that further.

I've just disabled it - what should happen when it is enabled?


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
updated by @ultrajam: 06/28/16 07:26:41AM
brian
@brian
12 years ago
10,149 posts
While enabled, if you had logged out (by actually logging out), the next time you logged in it would have sent you an email with a code on it that you would have had to enter to login. Works the same as Google/Apple/Twitter 2 factor auth.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
SteveX
SteveX
@ultrajam
12 years ago
2,589 posts
I'll try it now


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
SteveX
SteveX
@ultrajam
12 years ago
2,589 posts
That's neat!

I had thought 2 factor auth should be tied to a mobile phone (receive code via sms) so you auth'd with 2 separate devices


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
SteveX
SteveX
@ultrajam
12 years ago
2,589 posts
Recent class on phpclasses might be of interest:
Mobile phone sms authentication
Using class:
http://www.phpclasses.org/package/8177-PHP-Authenticate-users-once-using-codes-sent-via-SMS.html


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
brian
@brian
12 years ago
10,149 posts
Ultrabubble:
That's neat!

I had thought 2 factor auth should be tied to a mobile phone (receive code via sms) so you auth'd with 2 separate devices

Email works, since it adds an extra layer of protection - any hacker would need to access both your Jamroom account AND your email account.

Some 2 factor auth schemes do work with SMS, but then you really have to go through a 3rd party system to get SMS working around the world. Email works anywhere.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
SteveX
SteveX
@ultrajam
12 years ago
2,589 posts
Email works best for me - my mobile is off 95% of the time. I never know which number I'm supposed to be using, and recharging paygo from another country is often impossible.

I do really like the idea of verifying against something other than an email address though - a bank account or something. Not to prevent hackers, but to prevent the creation of multiple identities.


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
brian
@brian
12 years ago
10,149 posts
That sounds like a "challenge" type setup, where you log in and then it presents you with some security questions. Not a bad idea for a module.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net
SteveX
SteveX
@ultrajam
12 years ago
2,589 posts
Fingerprint detection on a new iphone maybe?


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)
SteveX
SteveX
@ultrajam
12 years ago
2,589 posts
https://github.com/blog/1614-two-factor-authentication
Quote:

September 3, 2013
mastahyeti
New Features

Today we're adding two-factor authentication to GitHub.

When you enable this feature, it adds an additional layer of security to your account. When logging in to GitHub, after providing your username and password, you will be asked for a two-factor authentication code that is delivered to your mobile device via SMS or a free two-factor application. This additional step ensures that a malicious person who has discovered your password will not be able to log in to GitHub as you.

https://help.github.com/articles/about-two-factor-authentication#configuring-2FA-through-a-mobile-application
Theres an app for the smartphone which ? gets around the sms problem


--
¯\_(ツ)_/¯ Education, learning resources, TEL, AR/VR/MR, CC licensed content, panoramas, interactive narrative, sectional modules (like jrDocs), lunch at Uni of Bristol. Get in touch if you share my current interests or can suggest better :)

Tags