Search found 11435 matches

by Edge100x
Tue Apr 11, 2023 9:09 pm
Forum: News
Topic: 2-step verification support
Replies: 15
Views: 16603

Re: 2-step verification support

There would have to be some merging functionality, and further communications, but I don't have details, since I have not explored it in depth.
by Edge100x
Tue Apr 11, 2023 6:07 pm
Forum: News
Topic: 2-step verification support
Replies: 15
Views: 16603

Re: 2-step verification support

Not a high priority for the forums to have MFA/2FA/2SV, since an attacker wouldn't be able to do much damage (nothing could be deleted, for instance). But it's something we can consider. We have thought about combining the forums login with the login from the main site but have not implemented that....
by Edge100x
Tue Apr 11, 2023 1:43 pm
Forum: General
Topic: Announcement: 2FA support is available on Control Panel
Replies: 7
Views: 4606

Re: Announcement: 2FA support is available on Control Panel

We're also here to provide service and help with instructions or other assistance if any user can't access services.

iraqiboy90, I've made an official post now, as well!
by Edge100x
Tue Apr 11, 2023 1:39 pm
Forum: News
Topic: 2-step verification support
Replies: 15
Views: 16603

Re: 2-step verification support

We've also made some other minor behind-the-scenes security improvements, such as enhanced CSRF protection and tokenized login credentials.
by Edge100x
Tue Apr 11, 2023 1:38 pm
Forum: News
Topic: 2-step verification support
Replies: 15
Views: 16603

2-step verification support

We added 2-Step Verification as an option last month! For increased security, we recommend that customers enable this feature through the control panel, under "My account". Using 2SV means that an extra code will be sent to your email when a log in is attempted (we also support authenticat...
by Edge100x
Tue Apr 11, 2023 1:19 pm
Forum: General
Topic: Announcement: 2FA support is available on Control Panel
Replies: 7
Views: 4606

Re: Announcement: 2FA support is available on Control Panel

Passwords are not reset through a payment source and that has never been the case. Accounts can, however, be recovered through a payment source, and the option is available on the login page. It is listed as "Recover login name or lost email access". It was important to turn on 2-step veri...
by Edge100x
Tue Apr 11, 2023 12:49 pm
Forum: General
Topic: Announcement: 2FA support is available on Control Panel
Replies: 7
Views: 4606

Re: Announcement: 2FA support is available on Control Panel

Naleksuh, you forgot that if a customer no longer has access to email, the account can still be recovered through any valid payment source. So, any customer who has a current service will be able to readily regain access. Losing access to your email account is still a huge deal and will cause all so...
by Edge100x
Fri Mar 17, 2023 9:34 pm
Forum: General
Topic: New login session
Replies: 9
Views: 6708

Re: New login session

Hmm. No reason that I can think of for it happening on this end, apart from what TimeX said. If I see it happen to me personally, I will be able to investigate further in depth.
by Edge100x
Thu Mar 16, 2023 10:24 pm
Forum: General
Topic: New login session
Replies: 9
Views: 6708

Re: New login session

Is your browser string or IP address changing? These could cause your token to no longer validate. If you're curious about the cookie lifetime, you should be able to check that through your browser's development tools. login_logout.pl should be fixed to work around your https issue now. That http re...
by Edge100x
Tue Mar 14, 2023 9:06 pm
Forum: General
Topic: NFo control panel node.js library
Replies: 36
Views: 65270

Re: NFo control panel node.js library

Sorry, I meant that the form didn't submit to a HTTP link. It submitted to HTTPS, and it was handled properly. The HTTP redirect that it responded with just that -- a simple redirection. When a client submits a HTTP request, our site automatically redirects to the HTTPS version, and that second redi...
by Edge100x
Tue Mar 14, 2023 3:50 pm
Forum: General
Topic: NFo control panel node.js library
Replies: 36
Views: 65270

Re: NFo control panel node.js library

The form wasn't submitted via HTTPS. That was just a redirect after the submission.

Either type of link is fine. http:// links don't need to be supported nowadays and there isn't really a reason to support them with the generic //.
by Edge100x
Tue Mar 14, 2023 3:01 pm
Forum: General
Topic: NFo control panel node.js library
Replies: 36
Views: 65270

Re: NFo control panel node.js library

It's certainly an interesting Firefox bug. Hard to say what triggered it, but if you have it on other pages, we can change those links, too.
by Edge100x
Tue Mar 14, 2023 2:55 pm
Forum: General
Topic: NFo control panel node.js library
Replies: 36
Views: 65270

Re: NFo control panel node.js library

It looks like it was redirecting to a http:// URL instead of https://. This shouldn't cause problems, because it would just redirect again upon the http:// page load, but you must have had a plugin or other configuration that interfered. Possibly an old and buggy https-everywhere type of plugin? (Th...
by Edge100x
Tue Mar 14, 2023 2:36 pm
Forum: General
Topic: NFo control panel node.js library
Replies: 36
Views: 65270

Re: NFo control panel node.js library

Yes, I tried that as well. No problems with it in Firefox 102.9.0esr, Chrome 111.0.5563.65, Edge 110.0.1587.69, or Safari on IOS 16.3.1. Correctly shows the error. Seems as though you may either have a plugin issue, identified a bug in your specific combination of browser and platform, or have a con...
by Edge100x
Tue Mar 14, 2023 1:17 pm
Forum: General
Topic: NFo control panel node.js library
Replies: 36
Views: 65270

Re: NFo control panel node.js library

Some applications may, but I wouldn't expect that to be widespread, since using the cookie method for CSRF is a cleaner and more maintainable way. That would be a fairly complicated attack vector (somehow forcing just the user's csrfcookie to be cleared, then have the user visit another link that se...