EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > Runbox Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

Runbox Forum Everything related to Runbox should go here: suggestions, comments, complaints, questions, technical issues, etc.

Reply
 
Thread Tools
Old 12 Jan 2017, 05:26 PM   #91
mekitron
Senior Member
 
Join Date: Dec 2014
Location: Central City
Posts: 162
Lightbulb

Quote:
Originally Posted by kservik View Post
We are getting close to launch and if anyone want to be a beta-tester, then please open a support ticket with the subject: Beta tester for 2FA

Kim
I am in the queue, Kim.
mekitron is offline   Reply With Quote
Old 13 Jan 2017, 10:26 AM   #92
kservik
Cornerstone of the Community
 
Join Date: Sep 2005
Location: Oslo, Norway
Posts: 555

Representative of:
Runbox.com
Quote:
Originally Posted by mekitron View Post
I am in the queue, Kim.
You should be added shortly.
kservik is offline   Reply With Quote
Old 13 Jan 2017, 01:59 PM   #93
mekitron
Senior Member
 
Join Date: Dec 2014
Location: Central City
Posts: 162
Quote:
Originally Posted by kservik View Post
You should be added shortly.
I am ready to meet lb03.runbox.com
mekitron is offline   Reply With Quote
Old 17 Jan 2017, 09:19 AM   #94
DigitalOrchard
Junior Member
 
Join Date: Oct 2015
Location: Vancouver Island, Canada
Posts: 19
I've been beta-testing the 2FA system for a couple of weeks now.

While still fairly clunky, it's obvious that it's been designed with care and attention to ensure there are no ways to bypass it. One goal they had is to enable this extra layer of security even for those without a mobile device. I'm sure that was a hefty challenge to cross.

I use three separate 2FA apps on my mobile device (Google Authenticator, Authy, and Duo Mobile). I've been phasing out Google Authenticator, despite them being the developer of the 2FA protocol, simply because my trust in the company (Google) is lacking, and Duo Mobile is my latest adoption. However, I had trouble with this app allowing the displayed code to log me into Runbox. I'm sure it was a timing issue somewhere. I ended up switching Runbox back to Google Authenticator and all was happy again, so not sure where the fault was.

One thing that Runbox really needs to do is to cater better to pure-keyboard junkies, such as myself. I don't want to take my fingers off the keyboard in order to click an icon just to log in. And when I click that icon, I don't want to have to click or press Tab in order to put focus into the 2FA code field. These are design decisions that should be addressed so logging in is swift and convenient, not a hassle.

It's a good start and great to finally see it out the door. Did it take too long to get this point? That's purely objective based on the vantage point. I'm confident that from Runbox's perspective, they put service reliability ahead of introducing new features, and I support them on that entirely. But 2FA isn't just a "nice to have", it's essential for many of us to secure our infrastructure.

I look forward to the feature and interface being refined over the coming months. Runbox, I hope this experience has also helped you refine your development workflow. Using version-control and sandboxed environments helps to speed up development, while giving you peace-of-mind that changes can be rolled back should disaster strike. I honestly hope that these are parts of your tool chest.

And once this feature has reached maturity, let's see those new mobile and webmail apps!
DigitalOrchard is offline   Reply With Quote
Old 18 Jan 2017, 01:21 AM   #95
mekitron
Senior Member
 
Join Date: Dec 2014
Location: Central City
Posts: 162
Quote:
Originally Posted by DigitalOrchard View Post
One thing that Runbox really needs to do is to cater better to pure-keyboard junkies, such as myself. I don't want to take my fingers off the keyboard in order to click an icon just to log in. And when I click that icon, I don't want to have to click or press Tab in order to put focus into the 2FA code field. These are design decisions that should be addressed so logging in is swift and convenient, not a hassle.
A great design idea. I'll try to help my next client to implement this sort of 2FA. Thanks for the contribution!
mekitron is offline   Reply With Quote
Old 19 Jan 2017, 05:17 AM   #96
kservik
Cornerstone of the Community
 
Join Date: Sep 2005
Location: Oslo, Norway
Posts: 555

Representative of:
Runbox.com
Quote:
Originally Posted by DigitalOrchard View Post
Using version-control and sandboxed environments helps to speed up development, while giving you peace-of-mind that changes can be rolled back should disaster strike. I honestly hope that these are parts of your tool chest.
Yes, we have been there for a while. We use Git and we have a full replica of our production system for development with separation of all services and most developers get their own servers.
kservik is offline   Reply With Quote
Old 20 Jan 2017, 08:33 AM   #97
DigitalOrchard
Junior Member
 
Join Date: Oct 2015
Location: Vancouver Island, Canada
Posts: 19
Quote:
Originally Posted by kservik View Post
Yes, we have been there for a while. We use Git and we have a full replica of our production system for development with separation of all services and most developers get their own servers.
That's great, so curious why we're not seeing improvements on a daily (or even weekly) basis? If everything is in place and it's working well, you should be able to arrive at some type of ETA for final deployment.

I think having the full system on runbox.com (at /mail) over-complicates matters. It may have been a good time to separate into separate components that work together. At least this is how I approach my infrastructure - clean separation between components so it's not just one giant cluster that's difficult to upgrade and manage. It would be my assumption that this is why it's been such a long and drawn-out project — just too much built into one mammoth, monolithic system.

Imagine:
- www.runbox.com — the main website
- webmail.runbox.com — for checking webmail, that's it!
- manage.runbox.com — for managing an account, sub-accounts, etc.

Separate systems that work together. But I'm sure it's far too late to offer this suggestion. You already do this for `support`, `status`, etc. so I know you're not deaf to this idea.

Looking forward to seeing some improvements, and final deployment so I'm not having to dance between two different browsers to log into my various accounts.

Keep up the great work!
DigitalOrchard is offline   Reply With Quote
Old 26 Jan 2017, 06:24 PM   #98
Geir
The "e" in e-mail
 
Join Date: Sep 2001
Location: Oslo, Norway
Posts: 2,938

Representative of:
Runbox.com
The web app runs at /mail for historical reasons, but everything is modularized in the backend and we are very conscious of structuring services and code in a way that simplifies maintenance and expansion.

The reason the 2FA project took a long time was mainly that we needed to modify each standalone service (2 IMAP services, 2 POP services, SMTP, FTP, etc) to authenticate via one central authentication system. Now that this is done we are finally free to do all kinds of exciting things such as 2FA.

We are continuing to focus on security improvements, but we are also building a next generation webmail behind the scenes. This won't stop us from making incremental improvements to the current web interface, though.

Stay tuned.

- Geir
Geir is offline   Reply With Quote
Old 27 Jan 2017, 06:19 AM   #99
mekitron
Senior Member
 
Join Date: Dec 2014
Location: Central City
Posts: 162
Geir,

Love and hardwork will make Runbox a masterpiece. Runbox won't run into darkness, neither of its users in 172 countries. It is the best service for many of us here. Cheers!

However, I have few questions and considered to start a new thread. Here it is, http://www.emaildiscussions.com/show...420#post599420

Regards,
Mek
mekitron is offline   Reply With Quote
Old 3 Feb 2017, 12:00 PM   #100
DigitalOrchard
Junior Member
 
Join Date: Oct 2015
Location: Vancouver Island, Canada
Posts: 19
2FA is now officially in place, for anyone viewing this discussion thread.
DigitalOrchard is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 02:10 PM.

 

Copyright EmailDiscussions.com 1998-2022. All Rights Reserved. Privacy Policy