EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > FastMail Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Reply
 
Thread Tools
Old 21 Jul 2016, 04:36 PM   #46
edu
Senior Member
 
Join Date: Jun 2016
Posts: 100
Thank you, I didn't know
Yes, I love it and I use it in my android smartphone and tablet too.

Quote:
Originally Posted by pjwalsh View Post
No reason why not. TOTP is an IETF standard FastMail will continue supporting (post #23 above).

Glad you asked the question, I wasn't aware of FreeOTP. I've installed it on my Android devices.

https://play.google.com/store/apps/d...hosted.freeotp
edu is offline   Reply With Quote
Old 21 Jul 2016, 10:16 PM   #47
anotheracademic
Junior Member
 
Join Date: Apr 2014
Posts: 5
Holiday time -- give good delays

Over here in Europe it is the main holiday time. Some of us are away from our main computers for several weeks. I know people who are barely watching their emails. They will have no time for technical changes. Therefore please make sure that deadlines are till at least the end of September
anotheracademic is offline   Reply With Quote
Old 21 Jul 2016, 10:24 PM   #48
anotheracademic
Junior Member
 
Join Date: Apr 2014
Posts: 5
Webmail is the real weakness

Some of us are smart enough NOT to use a smartphone. Instead we have a throwaway dumbphone -- lose it, a few minutes work to buy a new one + new phone card+ type in 20-30 phone numbers. We also use secure emailers, like The Bat Professional which can encrypt everything, and Voyager which has compulsory encryption. Others install their emailer on a Secure Disk. Phones are easier to lose than money therefore I cannot understand why they become the key piece in security.

I have found two step authentication to fail because of roaming problems with phones.

So, the only consolation is that the changes will be optional. I hope they will ALWAYS be optional.

In my view, Webmail is the real problem. I notice that Paypal now requires confirmation when you change the computer/browser. A pain, but it makes sense.
anotheracademic is offline   Reply With Quote
Old 21 Jul 2016, 10:26 PM   #49
walesrob
Essential Contributor
 
Join Date: Dec 2006
Location: UK
Posts: 388
Quote:
Originally Posted by anotheracademic View Post
Over here in Europe it is the main holiday time. Some of us are away from our main computers for several weeks. I know people who are barely watching their emails. They will have no time for technical changes. Therefore please make sure that deadlines are till at least the end of September
Really, you expect FM to delay so you "Europeans" can holiday until late September?
walesrob is offline   Reply With Quote
Old 21 Jul 2016, 10:51 PM   #50
FredOnline
Master of the @
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 1,931
Quote:
Originally Posted by anotheracademic View Post
Some of us are smart enough NOT to use a smartphone.
Smart people use dumb phones, so I guess that means that dumb people use smart phones.

That's enlightening.
FredOnline is offline   Reply With Quote
Old 22 Jul 2016, 12:04 AM   #51
janusz
The "e" in e-mail
 
Join Date: Feb 2006
Location: EU
Posts: 4,457
Quote:
Originally Posted by FredOnline View Post
that means that dumb people use smart phones.
dumb = young??
Age distribution of smartphone owners in the U.S. in December 2011
Smartphone ownership penetration in the United Kingdom in 2012-2015, by age
janusz is offline   Reply With Quote
Old 22 Jul 2016, 12:13 AM   #52
David
Ultimate Contributor
 
Join Date: Dec 2001
Location: Canada.
Posts: 10,355
My old Blackberry 8700 has become dumber as it has aged, as have I. The password manager is set to wipe the phone after only two failed login attempts. The proliferation of applications, in today's latest phones (which cost an arm and a leg) make me stop and think....

Many minimum wage folk are using them, I notice...
David is offline   Reply With Quote
Old 22 Jul 2016, 12:55 AM   #53
DumbGuy
Senior Member
 
Join Date: Oct 2008
Posts: 157
Quote:
Originally Posted by anotheracademic View Post
...I have found two step authentication to fail because of roaming problems with phones....
Instead of using 2FA via SMS (because of roaming limitations), how about using 2FA via the Google Authenticator app (or similar) on a cheap Android smartphone you buy just for that purpose? You wouldn't need a phone plan & SIM card. And the only time you'd need internet access is via WiFi, initially to download the GA app. After that, you don't need any ongoing internet connection to pull up TOTP codes in GA or similar app. Have PIN/pw lock on the smartphone, and you should be pretty protected.
DumbGuy is offline   Reply With Quote
Old 22 Jul 2016, 01:16 AM   #54
anotheracademic
Junior Member
 
Join Date: Apr 2014
Posts: 5
Quote:
Originally Posted by walesrob View Post
Really, you expect FM to delay so you "Europeans" can holiday until late September?
Sure I do. The summer is a terrible time for changes, bills, etc, just as it is a terrible time for my employer to get unusual work done -- people are simply not available.

Any major change needs at least three months notice. I am about to travel -- part job, part holiday. The major changes fall right in the middle of that season. Too bad for the person travelling, potentially stuck for email, because fastmail makes a change that must be implemented speedily, which can only be made from the home desktop.
anotheracademic is offline   Reply With Quote
Old 22 Jul 2016, 01:23 AM   #55
anotheracademic
Junior Member
 
Join Date: Apr 2014
Posts: 5
Quote:
Originally Posted by DumbGuy View Post
Instead of using 2FA via SMS (because of roaming limitations), how about using 2FA via the Google Authenticator app (or similar) on a cheap Android smartphone you buy just for that purpose? You wouldn't need a phone plan & SIM card. And the only time you'd need internet access is via WiFi, initially to download the GA app. After that, you don't need any ongoing internet connection to pull up TOTP codes in GA or similar app. Have PIN/pw lock on the smartphone, and you should be pretty protected.
That is far too complicated. That means unreliable.

Yes, one of my banks made me buy a smartphone, just to load an app, which I use without a SIM, 2-3 times a year. What a pain! Another bank gave away a card reader. Many of us protested at that since they were linking two unlinkables: the internet banking, and the debit card. A principle of security is keeping things separate, and a debit card should be kept under lock and key well away from the internet, and only brought out for cash/store purchases.

Plus, if I travel, I have to carry two gadgets, with all the high probability of loss.

My point is that a phone, or gadget, is the weakest point in security, and is the first to be stolen/lost. It makes no sense at all to link anything to them.
anotheracademic is offline   Reply With Quote
Old 22 Jul 2016, 07:16 AM   #56
David
Ultimate Contributor
 
Join Date: Dec 2001
Location: Canada.
Posts: 10,355
Quote:
Originally Posted by anotheracademic View Post
That is far too complicated. That means unreliable.
If it saves money (by not having to purchase a cell phone plan) it sounds like a good idea to me.
David is offline   Reply With Quote
Old 22 Jul 2016, 08:43 AM   #57
glass
Member
 
Join Date: Dec 2013
Posts: 54
Quote:
Originally Posted by anotheracademic View Post
Therefore please make sure that deadlines are till at least the end of September
Ha ha, good one.

They're killing a feature that could lock people out of their accounts on Monday. If we get the notification about that happening right now, that would be 3 days notice (but it's obviously going to come a bit later than right now). Must be a very small number of people using OTP/SMS etc. for them to not care this much.

Maybe fastmail should put little percentages next to all the options in the settings menus so we can see how many people use each feature and avoid becoming dependant on something that they're going to cull at a moments notice (if even that).
glass is offline   Reply With Quote
Old 22 Jul 2016, 08:53 AM   #58
gardenweed
Essential Contributor
 
Join Date: Jun 2008
Location: Perth
Posts: 470
Quote:
Originally Posted by robn View Post
....

Of course we'll continue supporting TOTP and other methods for the forseeable future.
So the little list of OTP's that I keep in my wallet will still work then - is that right?
(The OTP that need the second factor placed in front.)
gardenweed is offline   Reply With Quote
Old 22 Jul 2016, 09:09 AM   #59
DumbGuy
Senior Member
 
Join Date: Oct 2008
Posts: 157
Quote:
Originally Posted by gardenweed View Post
So the little list of OTP's that I keep in my wallet will still work then - is that right?
(The OTP that need the second factor placed in front.)
See msgs #41 & #42 above.
DumbGuy is offline   Reply With Quote
Old 22 Jul 2016, 09:17 AM   #60
gardenweed
Essential Contributor
 
Join Date: Jun 2008
Location: Perth
Posts: 470
Quote:
Originally Posted by DumbGuy View Post
See msgs #41 & #42 above.
Yeah that's why I asked the question. I don't understand clearly what these posts mean to me.

The printed OTP that I use, I understand are timed. I think maybe 1 or 2 hour sessions.
So are these actually the TOTP's being referred to and will remain?
If not, what are the existing TOTP's being referred to?
gardenweed is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 01:04 PM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy