upstate-SC
Superuser
Superuser
Status: Accepted

For change in personal information (address, email address, payment information) send a temporary code to email address registered. This adds another layer of protection from hackers/ scammers.

 

Also two factor authentication could be included for login in web browser on laptops.

Mobile apps are secure with biometric authentication. So it cannot be accessed without the consent of the account owner in most cases.

 

Hope Visible takes step in fixing this major vulnerability. Until then 🙂

41 Comments
GreenSub
Superuser
Superuser

Agreed, our accounts need 2FA for added security.

RyanBlakeIT
Superuser
Superuser

Agreed, however, to expand on this, I think users should have the option to enable MFA and there must be a requirement to use an app or e-mail and not a cell number as that will create a problem if they use their Visible number.

 

Edit: This request is a duplicate of 10470 and should be merged.

zan
Novice

MFA is a mandatory security feature!! Plenty of services out there that will help you add MFA to your account system. It shouldn't be possible for a single data leak to expose the cell phone accounts of millions of people. Imagine if our UN/PW combos got leaked. No recourse! But, if we have MFA then the hacker needs our phones with their authentication apps within arms reach to approve login requests. I seriously might have to cancel my service if I can't secure my account login.

upstate-SC
Superuser
Superuser

I am not asking for MFA (Multi Factor Authentication) using Authenticator apps. We already gave our email to sign up with visible. So a 5 or 6 digit random code like one time authorization code, when ever we want to terminate the account or modify some personal information is what i requested. So i believe it is not a duplicate of the other idea.

Status changed to: Investigating
DS-VisibleMgr
Community Manager
Community Manager
 
Status changed to: Accepted
DS-VisibleMgr
Community Manager
Community Manager
 
DS-VisibleMgr
Community Manager
Community Manager

For those who are participating in our initial launch of Multi-factor authentication, please use this board for all your feedback. An email should have come out today and the solution will be available by 11/08

zan
Novice

I received a private message on this platform to provide my email address. When I attempted to do so, I received an error message that I cannot send that email address. Then, when I attempted to space the characters out so that I could still send the email address, i got a notice that I am at my limit for private messages I'm allowed to send....

Would very much like to be a beta tester for MFA functionality.

@DS-VisibleMgr 

upstate-SC
Superuser
Superuser

you can send email in private message in this format. youremail [at] gmail [dot] com

RyanBlakeIT
Superuser
Superuser

@DS-VisibleMgr - I logged into both the web and the app but neither allow me to set up MFA, or at least I don't know where to look.  What will the process be to enable?

 

Also, I see in the e-mail that it mentions that it will send a SMS message to validate MFA; however, that won't work if the user is having issues with their phone.  Will a MFA code also be available to be sent via e-mail?