|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
22 Jul 2016, 09:09 AM | #61 |
Cornerstone of the Community
Join Date: Apr 2004
Location: Melbourne
Posts: 971
Representative of:
Fastmail.fm |
Printed OTP, 1hr passwords and Yubikey without a base password (1-factor Yubikey) will no longer work from Monday. You will need to use your master password if you currently use one of these types of alternate login. The few users with these types should have been emailed; apologies, I will follow up ASAP to find out what's happened to that.
All other types of alternate login (regular password, two-factor Yubikey, two-factor SMS, two-factor TOTP) will continue to work until the 31 August. Neil. |
22 Jul 2016, 09:10 AM | #62 | |
Essential Contributor
Join Date: Oct 2008
Posts: 212
|
Quote:
TOTP, if I understand correctly, refers to the Google Authenticator method (and similar apps) that's been mentioned. I think the paper sheet method that you use (and I used to use) is one of the methods being removed with the new security scheme. But maybe I'm wrong on that. If so, I can print out a new sheet once we're on the new login system. Or I may bail, as I rarely used it. |
|
22 Jul 2016, 09:43 AM | #63 | |
Cornerstone of the Community
Join Date: Jun 2008
Location: Perth
Posts: 664
|
Quote:
How about just a simple declaration of what is going and what will be in its place. - without having to read through the blogs trying to find those needles in the haystack. Basic MOC stuff:
PS - I've not received any email about my printed OTP's being dropped. Which is one of the reasons I was confused about this. It's Friday, and come Monday they won't work, yet the said email has not arrived. |
|
22 Jul 2016, 10:07 AM | #64 |
The "e" in e-mail
Join Date: Jul 2002
Location: VK4
Posts: 3,029
|
Also what about the customers who don't visit the forum ?
|
22 Jul 2016, 02:45 PM | #65 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
As robn has stated previously, this forum is not an official Fastmail channel for communicating with their customers.
It seems they prefer to communicate via Twitter, although saying that, their posts about the new change are consisting of just links to their blog. So I think a lot of people may miss this completely. More information about the new change posted in the Fastmail Blog: https://blog.fastmail.com/2016/07/22...tor-apps-work/ |
22 Jul 2016, 03:22 PM | #66 |
Member
Join Date: Dec 2013
Posts: 54
|
Until 15 minutes ago this forum was the only place to find out that OTP is going to stop working in 3 days. So it's either check this forum or get a nasty surprise on Monday when you can't login because you didn't see the notification email that came through at 6:05 pm on Friday night.
|
22 Jul 2016, 03:31 PM | #67 |
The "e" in e-mail
Join Date: Jul 2002
Location: VK4
Posts: 3,029
|
That was my point, so why not an email with all the links so that EVERYONE will know what's going on.
Long term less support tickets.. Last edited by Terry : 22 Jul 2016 at 04:07 PM. |
22 Jul 2016, 04:07 PM | #68 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
I've just, within the past few minutes, received e-mails from Fastmail about the new changes into my Fastmail inboxes.
|
22 Jul 2016, 04:08 PM | #69 | ||
Cornerstone of the Community
Join Date: Jun 2008
Location: Perth
Posts: 664
|
Quote:
Quote:
What login methods will remain? |
||
22 Jul 2016, 04:17 PM | #70 |
Senior Member
Join Date: Jun 2016
Posts: 194
|
And I still don't know if FM Classic and FM Mobile website (m.fastmail.com) will continue or not.
Some important websites like hushmail and many others are still offering a mobile website even working with 2FA (example: m.hush.com), I hope FM will do it too... |
22 Jul 2016, 05:18 PM | #71 |
Member
Join Date: Sep 2011
Posts: 43
|
Uh, wait? Am I getting this right? FM is removing the only really secure 2F login option (otp list+password) that doesn't require any complex, special or hard-to-setup technical equipment?
If that's the case then it's truly a setback and I'm disappointed. Will probably end up just logging in with my master password instead on computers that seem "reasonably secure", but we all know that one's impossible to judge. |
22 Jul 2016, 05:35 PM | #72 |
Member
Join Date: Jul 2016
Posts: 42
|
Another bites the...
I'm another one who is unhappy with these changes (amongst other gripes).
I opened a fastmail support ticket earlier this week about Carddav problems with shared address books and mentioned my concerns about the pending changes to Alternative logins at the same time. My impression is that without doing this I wouldn't have been given details about the pending changes. Not that they explained much, just enough to know they're going to break our workflow. I now see that Fastmail don't give a damn about their users needs, that they take away functionality that folks rely on without good reason and without properly explaining what's going on. The fact that I'm going to be spending my holidays dealing with the mess this creates is unfortunate and very annoying. I feel very let down by fastmail and their development team. That said I've always found their support team to be good (once you get past the first line). |
22 Jul 2016, 07:13 PM | #73 |
Master of the @
Join Date: Feb 2005
Location: USA
Posts: 1,876
|
Welcome to emaildiscussions
|
23 Jul 2016, 08:54 AM | #74 |
Junior Member
Join Date: Oct 2008
Posts: 6
|
Full Access
Are we still going to be able to login to our accounts without having full access?
|
23 Jul 2016, 11:39 PM | #75 |
Junior Member
Join Date: Aug 2012
Posts: 5
|
Decreased security for web users?
I have a strong master password that I only type into a trusted computer. From less trusted computers, I login to the website using an alternative password with second-factor that provides only limited account access.
After August, how do I login from untrusted computers without having to type my master password and without full access? The blog mentions alternative passwords for apps and protocols but not how I can obtain limited user access to the web interface. Isn't this sounding less secure for web users? |