|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
31 Jul 2016, 04:47 PM | #226 | |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Quote:
|
|
31 Jul 2016, 04:48 PM | #227 |
The "e" in e-mail
Join Date: Oct 2002
Location: Holon, Israel.
Posts: 4,799
|
|
31 Jul 2016, 07:01 PM | #228 |
Senior Member
Join Date: Jun 2016
Posts: 194
|
Maybe it's out of this thread, but... have you thought to use ssh tunneling to bypass that company?, or maybe you can't risk to do that. Example: identitycloaker.com (you don't need admin rights).
|
31 Jul 2016, 07:07 PM | #229 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,933
|
|
31 Jul 2016, 07:10 PM | #230 |
Senior Member
Join Date: Jun 2016
Posts: 194
|
|
3 Aug 2016, 07:43 AM | #231 | |
The "e" in e-mail
Join Date: Oct 2002
Location: Holon, Israel.
Posts: 4,799
|
Quote:
Last edited by hadaso : 3 Aug 2016 at 07:54 AM. |
|
7 Aug 2016, 08:23 PM | #232 |
Cornerstone of the Community
Join Date: Sep 2013
Posts: 536
|
Not sure if this belongs in this thread, but I'll ask here:
Now that yubikey seems to be going the closed-source way, I'm looking for alternatives. I came across Nitrokey. Does fastmaill support nitrokey's OTP? |
7 Aug 2016, 08:26 PM | #233 | |
Master of the @
Join Date: May 2012
Location: Melbourne, Australia
Posts: 1,007
Representative of:
Fastmail.fm |
Quote:
I have tested Nitrokey's U2F against FastMail, and that does work. |
|
7 Aug 2016, 09:56 PM | #234 | |
Essential Contributor
Join Date: Dec 2006
Location: UK
Posts: 392
|
Quote:
|
|
7 Aug 2016, 10:14 PM | #235 |
Cornerstone of the Community
Join Date: Sep 2013
Posts: 536
|
|
8 Aug 2016, 08:29 AM | #236 |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,084
|
The unfortunate decision to eliminate alternative passwords for web logins, requiring use of the master password, among other things introduces the following exposure:
|
8 Aug 2016, 09:37 AM | #237 |
Essential Contributor
Join Date: Oct 2008
Posts: 212
|
I too don't like this business of always having to use my master pw to login (from what I read, as I haven't yet switched over to the new authentication system, and will use alt logins for another 1-2 weeks).
Having printed "backup codes" would be a great idea, as it allows for a 2FA login option that doesn't rely on a physical device. (I can even memorize a backup code for emergency use.) I think the alternative logins system at FM was one of its top security features and biggest selling points for those who wanted to be particularly security conscious with granular login options, and I'm sad to see it go. |
8 Aug 2016, 09:39 AM | #238 | ||
Cornerstone of the Community
Join Date: Jan 2003
Location: The Village
Posts: 599
|
Quote:
Quote:
The idea of using my master password with my 2FA token on a daily basis makes me very uncomfortable. To begin with, it means I will change it to be much shorter, because I don't want to type something long and complex each time I login. For me, having a short p/w to use with the token, and a very long, complex master p/w, which can be used alone, which I've memorized, and which is only used for settings changes and the rare case when I've gone to work forgetting my token at home, is the ideal way to organize my security. |
||
8 Aug 2016, 10:12 AM | #239 | |
The "e" in e-mail
Join Date: Jul 2002
Location: VK4
Posts: 2,995
|
Quote:
|
|
8 Aug 2016, 10:21 AM | #240 |
Junior Member
Join Date: Jan 2010
Location: US, New Jersey
Posts: 22
|
Haven't been on this forum for 4 years as well (last login is Nov 2012), so I guess - there was some other major change going on at that time...
Just spent lots of time reading this thread in hope to find a solution for disappearing alternative logins... This is just sad - I been using them for quite some time already and like the ability to have restricted web access and password I can kill when I need. I used the X-Notifier plig-in in Firefox with separate password per computer (see that past tense? that's because it also stopped working and that's how I found out about the changes...) - I had several of my computers setup with different restricted login passwords for X-notifier. It stores password locally, so if computer gets compromised, I can always quickly disable that password. Now I am loosing the above setup - not only X-Notifier is not working (which can be fixed), but I'd also have to save my master password in it, which is not secure... |
Thread Tools | |
|
|