@ Daz, I changed mines yesterday using https://lastpass.com/ using 21 password length now you have come up with another generator the more the better.
@Daz I follow you changing now
This makes sense to me:
In fact, from now on I'm going to use Gibson's generator for lastpass logins vault...What makes these perfect and safe?
Every one is completely random (maximum entropy) without any pattern, and the cryptographically-strong pseudo random number generator we use guarantees that no similar strings will ever be produced again.
Thank you! for implementing 2FA.
Just as a heads up, the FOSS PW Manager, KeePass, can handle Timed One-time Passwords (TOTPs) using either of 2 plugins, named (appropriately) KeeOTP and Tray OTP. Both work with this, and I've eliminated the need to use Google Authenticator (and thus plugged a security hole in case someone steals my phone).
Setup is easy, upon enabling it for the entry for MDL, you simple have to enter the secret key that the forum generates. What makes it a bit harder is that, most other sites also provide you with the text of the key needed to create the OTP, whereas here you only get a QR code. To get the text, I simply used a BarCode Scanner on my phone, grabbed the secret key, entered it into the KeeOTP window and my code was automatically generated, changing every 30 seconds as it is supposed to.
Would it be prudent to display the secret key text as well as the QR Code for future users? If not, then there is still the above workaround if users want to use an app that doesn't directly scan the QR Code....
Yeah even Steam has steam guard, twitter has 2F and others have similar services. Maybe you/we can contact the Authy developers when the board software is here (if) to get authy <-> mdl fully integrated. I not really like the google app.
Pls also link to the source page were you get the 2fa source from so that I/we can check it. Thx.
Don't believe the hype!
44 43 6F 72 65 20 2F 20 4A 4D 59 43
Скоро сказка сказывается, да не скоро дело делается.
I appreciate the way MDL is transitioning to a more secure format. Ya I know me complimenting anything is like pulling teach but I do actually appreciate this one.