I would like to see for enhanced security an option for enabling 2FA on web login.
Shiny!
@ConiKost Though I appreciate the idea, I don't think it will happen in the nearby future.
Users just store routes and tracklogs really. Not much security risk in that.
The amount of tickets we get from people simply forgetting how they signed up / password they choice is already incredible 
Complicating that with (optional) 2FA does not seem like the current priority.
@Dae-0 putting a home address in any GPS device, including Google Maps, is never a good idea. My home address is a location "near" my actual home.
2010 GL1800 Goldwing using Samsung Galaxy S20 5G Android 13.
I suppose as an option 2FA is OK. Can't see me using it though, and would hate to be forced to use it. I really don't think I put anything that sensitive into MRA
@RetiredWingMan said in Implement 2FA for login:
@Dae-0 putting a home address in any GPS device, including Google Maps, is never a good idea. My home address is a location "near" my actual home.
Absolutely, but people do a lot of things without thinking about the possible consequences. Just like those that reuse passwords etc.
As an IT security consultant I really hate anything that doesn’t offer MFA. Lots of compromises start with accounts that contain what appears to be low value information (so it’s less protected) which are then used to move up the chain to the big value stuff.
IMHO, 2FA is a must in modern days and should be implemented in future. I understand, that this won't happen fast, but I still think, this should be a must in future. Since also MRA accounts can have a paid subscription or one-time purchase, 2FA would help to protect more.
Even not having a home address as POI, someone could always have other different POIs, which should no leak into public.
2FA shouldn't be mandatory, but an option for users.
@Dae-0 said in Implement 2FA for login:
Most users will have a home address in there though…
Just a thought
...please don't over complicate it. Also with 2FA - if a user isn't carefully with his hone adress - others can see his address. So, if a user makes a route, including his home address public - no 2FA will protect it...
The biggest problem with security is people.
@ConiKost Though I appreciate the idea, I don't think it will happen in the nearby future.
Users just store routes and tracklogs really. Not much security risk in that.
The amount of tickets we get from people simply forgetting how they signed up / password they choice is already incredible Complicating that with (optional) 2FA does not seem like the current priority.
