2fa

RobM · May 9, 2017

Are we now being forced to use this or am I just not seeing the option to ignore it like I used to?

dee · May 9, 2017

I got this from nominet about 20 mins ago

Date:

2017-05-09

Tuesday 9 May

Additional notes:

As a reminder changes included:

Mandatory 2FA for registrars accessing

Online Services

Domain Health enhancements

UK EPP updates
Changes to the gTLD domain:check response
New mailing list preferences

Visit Registrar Resources for more information.

deluxedomains · May 9, 2017

I notice they now have a livechat button and what a stupid place to locate it in my opinion....

RobM · May 9, 2017

Oh joy. I see they recommend using google authentication - might as well just give google the keys to our house the amount of shit they force us to do. In the last 2 years I've gone through 2 phones and 3 tablets... yeah this won't cause any problems in the future.

RobM · May 9, 2017

My online banking and forex accounts both use a virtual keyboard with random key placement. No need to have a 'device' with you - can't be keylogged - or sniffed. But hey... why make life easy?

Admin · May 9, 2017

Yes it's mandatory, I protested last year but they don't listen. 2fa is not very practical for me either. You'll notice Leanne has not even been back on Acorn to read the answers to her question regarding bulk registration of the .UK 2 year 'offer', says it all.

ian · May 9, 2017

RobM said:
Oh joy. I see they recommend using google authentication

I believe you can use authy too, though not tried myself. I don't have any particular issue with this method, I've adapted considering I rarely have my phone on me, but I can see how it is less secure than some methods and an inconvenience to others. My daily bank and investment bank both use finger print, which I believe is also easy to copy!

ian · May 9, 2017

Steve (Admin) said:
Yes it's mandatory, I protested last year but they don't listen. 2fa is not very practical for me either. You'll notice Leanne has not even been back on Acorn to read the answers to her question regarding bulk registration of the .UK 2 year 'offer', says it all.

I thought she came back and replied?

Admin · May 9, 2017

very early on only after a few replies, not since i replied onwards

martin-s · May 9, 2017

2fa really isn't an issue. Just get the iPhone app and it's dead easy

Edwin · May 9, 2017

Steve (Admin) said:
Yes it's mandatory, I protested last year but they don't listen. 2fa is not very practical for me either. You'll notice Leanne has not even been back on Acorn to read the answers to her question regarding bulk registration of the .UK 2 year 'offer', says it all.

Considering that she had her head practically bitten off for asking a straightforward question, it's not entirely surprising she's not glued to Acorn. Nothing suggests she won't be back, but anyway I've emailed her to let her know that another couple of people expressed interest in possibly using the bulk tool.

On 2fa, Authy on Chrome and Authenticator on mobile seem to be a good combo, and that gives you a second option if one or the other isn't available. (Nominet support multiple simultaneous 2fa solutions as long as you register each one with them)

RobM · May 9, 2017

martin-s said:
2fa really isn't an issue. Just get the iPhone app and it's dead easy

After several iphones I'm now on Android. But ignoring that .... why? Anything that causes me inconvenience and takes more time IS an issue. I've had no choice - I've had to do it. I guarantee all it is doing is inconveniencing me. There are umpteen discussions over the internet about why 2fa is actually not that much of an improvement and alternatives that already exist (as I stated before my online banking is one) that are equally as secure but don't run the risk of preventing the proper account holder actually getting in. Don't be so quick to accept anything thrown at you - all nominet had to do was give us the option. They took that away. You could have been happy your way - I mine. Now I don't have that choice. Phones break, they get lost, they get stolen, they don't always work everywhere in every country.

BG · May 9, 2017

For months I've been disregarding the system messages and simply clicking "Remind Me Later" - However, today it's forcing members to use it (It has been warning us for months mind you). The App works perfectly on the iphone but sadly i don't always have my mobile with me when wanting to access Nominet! It would make sense to also have a MAC authenticator plugin too but from memory they didn't offer one? just IOS for iphone and ipad...

ian · May 9, 2017

I have no issue with it if the inconvenience caused offers a little more protection from hacks; however, who has forced Nominet's arm to make this compulsory?

Edwin · May 9, 2017

BG said:
It would make sense to also have a MAC authenticator plugin too but from memory they didn't offer one? just IOS for iphone and ipad...

Doesn't Authy work on Mac? It works on Windows...

RobM · May 9, 2017

ian said:
I have no issue with it if the inconvenience caused offers a little more protection from hacks; however, who has forced Nominet's arm to make this compulsory?

I guarantee the first time you cannot login because of it you will find it a little bit more than 'inconvenient'. Or if you ever lose the device you have the authenticator on. Or if the device gets damaged. Especially if it's on a Friday night because they don't have enough money to deal with any queries until 9am monday morning. To me it's like forcing you to carry your pin number on a post-it note stuck to the back of your credit card. In 12 years that I've been with nominet 2 passwords has always been enough and, as I said, they could even make the second password screen a virtual keyboard. They have either succumbed to the hype (more people are realising how unnecessary and, in some cases, dangerous 2fa is) or they have some kind of vested interest. Either that or they are telling us they don't trust the security at their end which would be a shame considering the bazillions of extra pounds they have that they like to spend on non-registry related projects. Anyway it's done now and I'm sure we will all run along like good little boys (and girls, and gender neutrals) and install authenticators on our phones. A choice would have been nice but then that's never been nominet's way. I wonder what google and nominet have in store 'for our own good' next.

RobM · May 9, 2017

I should add that it's working fine by the way

I can see problems at some point though.

ian · May 9, 2017

RobM said:
Anyway it's done now and I'm sure we will all run along like good little boys (and girls, and gender neutrals) and install authenticators on our phones. A choice would have been nice but then that's never been nominet's way. I wonder what google and nominet have in store 'for our own good' next.

I already had it installed on my phone/pc for other services, which I've used for over a year, so I guess the hardship wasn't so much a big deal. I probably wouldn't have been happy using it entirely for Nominet's access.

Edwin · May 9, 2017

There's absolutely no reason not to have 2 separate devices activated (eg phone and PC) for added reassurance. That way, unless you break both at the same time you should still be able to log in...