EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > FastMail Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Reply
 
Thread Tools
Old 19 Jul 2016, 11:32 PM   #31
glass
Member
 
Join Date: Dec 2013
Posts: 54
"If you're currently using our "alternate logins" system, you will need to migrate to the new system sometime in the next month. We will be removing all old-style "alternate logins" on 31st August."

What does this mean for the other types of alternate logins, such as OTP?
glass is offline   Reply With Quote
Old 20 Jul 2016, 09:43 AM   #32
robn
Master of the @
 
Join Date: May 2012
Location: Melbourne, Australia
Posts: 1,007

Representative of:
Fastmail.fm
Quote:
Originally Posted by glass View Post
"If you're currently using our "alternate logins" system, you will need to migrate to the new system sometime in the next month. We will be removing all old-style "alternate logins" on 31st August."

What does this mean for the other types of alternate logins, such as OTP?
OTP set, 1-hour OTP/SMS and Yubikey one-factor are being removed. They will no longer work from release on Monday.
robn is offline   Reply With Quote
Old 20 Jul 2016, 10:15 AM   #33
Terry
The "e" in e-mail
 
Join Date: Jul 2002
Location: VK4
Posts: 2,519
Why do you keep changing things, is the extra security really needed or is it just to make it harder to use the old UI
Terry is offline   Reply With Quote
Old 20 Jul 2016, 10:22 AM   #34
BritTim
The "e" in e-mail
 
Join Date: May 2003
Location: mostly in Thailand
Posts: 2,550
Quote:
Originally Posted by Terry View Post
Why do you keep changing things, is the extra security really needed or is it just to make it harder to use the old UI
I am not a fan of change without good reasons. I support this set of changes. It is a fact that security on the Internet is becoming ever more of a challenge. We need the best possible tools to respond to this.
BritTim is offline   Reply With Quote
Old 20 Jul 2016, 10:27 AM   #35
Terry
The "e" in e-mail
 
Join Date: Jul 2002
Location: VK4
Posts: 2,519
Perhaps it's to drive another nail in the classic UI coffin.
'
We are getting so many changes and I really don't like many of them so I am now about to try something else, but if I don't like it I have only lost $40
Terry is offline   Reply With Quote
Old 20 Jul 2016, 02:19 PM   #36
pjwalsh
Essential Contributor
 
Join Date: Dec 2008
Location: Canada
Posts: 250
Quote:
Originally Posted by edu View Post
I hope I will be able to use FreeOTP app with it...
No reason why not. TOTP is an IETF standard FastMail will continue supporting (post #23 above).

Glad you asked the question, I wasn't aware of FreeOTP. I've installed it on my Android devices.

https://play.google.com/store/apps/d...hosted.freeotp

Last edited by pjwalsh : 21 Jul 2016 at 03:36 AM. Reason: sp.
pjwalsh is offline   Reply With Quote
Old 20 Jul 2016, 03:27 PM   #37
Fabrio
Junior Member
 
Join Date: Jul 2016
Posts: 1
Which Yubikey

I read the article on the new 2FA - I am looking at getting a yubikey specifically one with NFC - but I am confused about which one is appropriate. The article mentions the OLD yubikey and has a link to yubico which takes you to a page showing the NEW yubikeys
(The article also only gives a link to twitter to follow the discussion - and no mention of this forum)
Anyway IŽd appreciate any assistance on this
Fabrio is offline   Reply With Quote
Old 20 Jul 2016, 03:48 PM   #38
robn
Master of the @
 
Join Date: May 2012
Location: Melbourne, Australia
Posts: 1,007

Representative of:
Fastmail.fm
Quote:
Originally Posted by Fabrio View Post
I read the article on the new 2FA - I am looking at getting a yubikey specifically one with NFC - but I am confused about which one is appropriate. The article mentions the OLD yubikey and has a link to yubico which takes you to a page showing the NEW yubikeys
(The article also only gives a link to twitter to follow the discussion - and no mention of this forum)
Anyway IŽd appreciate any assistance on this
Before U2F was available, YubiKeys supported an older OTP mechanism. If you have an old key, they won't support U2F but can still be used with FastMail because we implement the OTP mechanism.

If you're buying a new YubiKey, they all support both mechanisms, and we recommend using the U2F mode because its more secure.
robn is offline   Reply With Quote
Old 20 Jul 2016, 09:24 PM   #39
glass
Member
 
Join Date: Dec 2013
Posts: 54
Quote:
Originally Posted by robn View Post
OTP set, 1-hour OTP/SMS and Yubikey one-factor are being removed. They will no longer work from release on Monday.
I currently have:
password I can't remember (it's in my password manager, only accessible from my local computer)
password I can remember that requires 2fa (totp on phone)
password I can remember that requires an otp from a list I have printed out

So now if I want to be able to login when I don't have my phone, I will have to change my password to something I can remember and disable 2FA?

That doesn't sound "even more secure".
glass is offline   Reply With Quote
Old 20 Jul 2016, 09:39 PM   #40
DumbGuy
Senior Member
 
Join Date: Oct 2008
Posts: 157
Quote:
Originally Posted by robn View Post
OTP set, 1-hour OTP/SMS and Yubikey one-factor are being removed. They will no longer work from release on Monday.
Wait, I thought we had until 31-Aug-2016 to transition our Alternative Logins to the new authentication mechanism.
DumbGuy is offline   Reply With Quote
Old 20 Jul 2016, 09:49 PM   #41
robn
Master of the @
 
Join Date: May 2012
Location: Melbourne, Australia
Posts: 1,007

Representative of:
Fastmail.fm
Quote:
Originally Posted by DumbGuy View Post
Wait, I thought we had until 31-Aug-2016 to transition our Alternative Logins to the new authentication mechanism.
For the types that are serviceable through the new login system, yes. That's SMS, TOTP, YubiKey OTP and regular password. The other types have no mapping in the new system so aren't supported.

The small number of users using these login types should be receiving an email about it. I'm not sure where that's at; I'll chase it up tomorrow.
robn is offline   Reply With Quote
Old 20 Jul 2016, 11:21 PM   #42
DumbGuy
Senior Member
 
Join Date: Oct 2008
Posts: 157
Quote:
Originally Posted by robn View Post
For the types that are serviceable through the new login system, yes. That's SMS, TOTP, YubiKey OTP and regular password. The other types have no mapping in the new system so aren't supported.

The small number of users using these login types should be receiving an email about it. I'm not sure where that's at; I'll chase it up tomorrow.
Thanks for the clarification, Rob. I had used a paper printout of OTP tokens as a backup for OTP login, but I so rarely use it that I won't miss it. (You might remember me flashing it your way briefly when we met at OSCON last year.)

So, I just went ahead and disposed of the sheet and deleted the alternate login. The login methods now remaining in my account should map over OK, so I can take my time converting over these next few weeks.
DumbGuy is offline   Reply With Quote
Old 21 Jul 2016, 03:28 PM   #43
Berenburger
The "e" in e-mail
 
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,257
Will this affect Pobox users/accounts?
Berenburger is offline   Reply With Quote
Old 21 Jul 2016, 03:40 PM   #44
FredOnline
Master of the @
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 1,927
Today's Fastmail blog - an important read:

https://blog.fastmail.com/2016/07/21...-reset-secure/
FredOnline is offline   Reply With Quote
Old 21 Jul 2016, 03:49 PM   #45
robn
Master of the @
 
Join Date: May 2012
Location: Melbourne, Australia
Posts: 1,007

Representative of:
Fastmail.fm
Quote:
Originally Posted by Berenburger View Post
Will this affect Pobox users/accounts?
No. All authentication for Pobox accounts is owned and managed by Pobox. Mailstore customers will be login at www.fastmail.com like they can now, including using their TOTP or YubiKey, but everything else is done through at pobox.com.
robn is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 02:09 AM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy