@abcabc123 this is being resolved over at https://sudonix.org. Please avoid posting in multiple locations as this just adds confusion and removes value.
Community Representatives
Users helping the NodeBB team spread the word!
Posts
-
Please help me, I can't install -
Please help me, I can't install@abcabc123 It will do - I did tell you this would happen
resolv.conf
is deprecated. -
Is it possible to redirect users to root after login?@darkpollo have a look at
/admin/settings/general
and around half way down, you'll see -
[nodebb-plugin-2factor] Two-Factor Authentication@darkpollo said in [nodebb-plugin-2factor] Two-Factor Authentication:
Also you trying to tell me I cannot detect ofensive comments because I am not English native is also kind of dismissive as well.
This will be the last comment I make on this subject, but I never made any assumption that you could not detect "offensive" comments - it is your interpretation. If you find it offensive, then so be it - I cannot and will not attempt to change that view based your response.
@darkpollo said in [nodebb-plugin-2factor] Two-Factor Authentication:
if they got access to anyone email, then the person have other issues bigger than a forum credentials.
Correct. And if they make use of password recycling, then they likely have access to much more in the process - not just a forum. Humans have a bad habit of making things easier to remember and will re-use passwords across the board. This in itself seriously dilutes the effectiveness of security.
Finally, there is no corporate entity on this planet that will agree that SMS for 2FA is a good idea. Period.
-
[nodebb-plugin-2factor] Two-Factor Authentication@darkpollo if you are having to ask ChatGPT if a specific "tone" is offensive, then I can only assume English is not your primary language. I assure you, as an English-speaking native, that there is absolutely nothing offensive in anything written by @Astro-What. The response is more aligned to frustration in the sense that if someone has control of sensitive information yet makes use of insecure methodology in order to access it, they should not have access in the first place.
-
[nodebb-plugin-2factor] Two-Factor Authentication@darkpollo said in [nodebb-plugin-2factor] Two-Factor Authentication:
Not asking for SMS; just for mail, which is best than nothing and better than SMS (imho).
This is in fact much worse than SMS authentication as the secondary factor. If a hacker gains control of your email, there is nothing else in their way to prevent them from accessing your site. Your email becomes the holy grail, and itself should be protected by 2FA.
-
[nodebb-plugin-2factor] Two-Factor Authentication@darkpollo said in [nodebb-plugin-2factor] Two-Factor Authentication:
TOTP is not 2FA for start.
This statement is incorrect. TOTP IS a form of 2FA. Without the 6 digit time-sensitive number changing every 30 seconds, you cannot login, therefore, it is a second factor.
@darkpollo said in [nodebb-plugin-2factor] Two-Factor Authentication:
If you are going to start insulting people, I will go somewhere else.
I think you are being somewhat over sensitive here - @Astro-What is not being insulting at all - merely responding to you. The point being made around TOTP not being difficult is 100% correct and really isn't condescending in any way.
I agree, that SMS as the second factor is certainly better than nothing, but in the security community, this method is frowned upon because of how easily it is circumvented. TOTP isn't perfect either, but it's certainly more secure than SMS by a mile.
-
Please help me, I can't installThis has been resolved. NodeBB setup, and installed for user.
-
Please help me, I can't install@abcabc123 resolv.conf won't survive a reboot in terms of changes as its considered deprecated. You might want to test this first.
-
Please help me, I can't install@abcabc123 you should take this up with the vps provider you are using. If there is no Internet access, the machine can't be reached remotely meaning we cannot access it.