Thirty-second shelf life on the codes? Holy full-time job batman! So when you go to log in, first, you need to install some sort of googlish data aggregation stuff and then pay undivided attention until you get logged in. I have trouble with codes via email with a 30 minute shelf life due to the gray mail filter that the isp uses.
Neither is seeing the .p12 file Fred. Firefox doesn't even offer that extension as a savable file. I am stumped. How are others able?
I can meet all the verification requirements, yet still be able to steal thousands of dollars from you. These extra processes for the legit user seems proper, but all it really offers is the illusion of security. It's a fine step in the right direction, QRZdotcom is a vanguard in protecting hams... ... but don't be fooled into thinking it's really any safer than it used to be. Criminals adapt just as quickly as the good-guys. There's not A DAMN THING anyone can do to prevent me from stealing your money or goods, other than never participating. IMO, the best thing the 'Zed can do is eliminate all sales. Craigslist, eBay, etc. have that covered and will offer less headaches for our forum.
I am also 'verified' and a Lifetime member #240 of QRZ.com. Fred and his staff does a wonderful job in serving the amateur radio community. Perhaps more so than the ARRL itself.
JMHO, I believe this aught to be taken a step farther and have every user display their good working email address in their profile page. John KF5YOT
The 2FA thing is a good move. I've personally experienced both a scam seller (not on this site, though), as well as an account hack / takeover. Keep up the improvements, Fred!
Fred, It seems you have to have a cell phone to use this feature reliably. Unfortunately I don't have a smart phone and I do very little business via a cell phone. I've used the phone (land line) verification method and it is indeed unreliable. As you say the verification code can arrive too late. I've also used a keychain verifier that worked very well but I realize that is out of the question here. Is there another app that can run on my computer to do the second step or can the 2nd step be done via email? You run a great service and it keeps getting better. Keep it up we're with you.
If you're going to be on the internet YOU are sooner or later GOING to be a victim of some sort of attack. The more time you SPEND going to NEW or Adventuring around the Net the HIGHER your chances of something happening. Only one person Has your phone hopefully and if you get the text its EZ to enter on whatever computer you're using. Probably the most secure I can think of. Automate and once again you're exposed. I'm happy that Zed is making an effort, taking the time and resources to step up security the best they can to GIVE US the best chance possible. After spending a "sizable" portion of my business career in IT Consulting, Including web and email hosting... I have a pretty good idea what and where these attacks are all about. EXAMPLES: About two years ago I was sitting at my computer enjoying a morning coffee and BOING in comes an email thanking me for a payment to a SCHOOL BOOK RENTAL joint. WHAT? The amount was only $12.95... BUT it was their quick test that somebody isn't paying attention and BWAMMO a serious bad person was about to Clean out my account. It was my PayPal Business debit Mastercard... The only reason I even noticed THAT transaction was all PayPal transactions send emails... At the time PayPal WAS MY ONLY BANKER and I was doing a good volume with them. There was only ONE Place that debit card would come out of my purse and that was at the local Pizza joint and my husband was notorious for hitting the driveup window and handing over card to whoever was at the window. WELL these people had my card in hand to copy everything off of it. The management at this particular restaurant was flying fast and loose at the time and employees were all a bit marginal. WELL a call to the company HQ which is only 25 miles from here, big semi-local chain owning all stores in about every town around, anyway Corporate VP took over the store The very next day and pretty much cleaned house. They have all new peeps working there, and Craig now walks in and deals at the counter JIC. Now get this, about three days AFTER all these Executions with extreme prejudice at the Pizza Palace... I get an email from a rather large Texas Plastics company. Months earlier I had some custom FR4 boards cut by this outfit for a Broadcast Transmitter rebuild that had taken a Direct Hit and had blown apart the Power Supply stack. Well this email starts by saying we really apologize but we have had an online data breech of our TRANSACTION server... That bad guy had ALL of their online transactions, customer files and PAYMENT INFO for about 150,000 customers... Wonnerful! Talk about Hiked Skirts. SO which company with a swinging door financial policy was the guilty party for the attempt at my Bank Account? Like OOPs. A few weeks ago one of the normalesk Zed Swapmeet types posted an MFJ Tuner for sale... The seller did not respond ONLINE to a very insistent customer wanting to buy it for a couple days. So then finally a bunch of people posted If he doesn't take it I'm also interested in it. etc etc etc... Well sure why not. I'm about #3 in line now... and I wouldn't mind the thing. So I posted too. giggling the whole time. WELL took about a day and I get this email stating I'm So in So and I also have one of these MFJ tuners and I have pictures HERE to this link... Fortunately at the time I was just waking up and was laying in bed watching the weather all pre coffee when I turned on the wifi connection on my fone. LIKE who is this guy? well I was saved as I use 15 character random passwords generated by an online generator. I printed 80 up and randomly select a password. The only one memorized is my Bank Account... The one for the Router is about 30 characters..... and when I clicked on the link in this email my fone didn't have a password for THAT login page... I thought that is rather odd. Have I been logged in 30 days already? As I don't have it memorized I couldn't log in. But I tried to click around the site. It Didn't work right anyway, couldn't navigate anywhere... I come down to the Toy Room and email this clown and ASK who and the Heck are you anyway? Well this is one of the scammers apparently everybody is talking about. Could have gotten a password even one I don't remember... HAVE a great day everybody... Don't be asleep when entering passwords, and be careful WHO has your credit and debit card info... Using random payment systems and YOU are going to get Nailed when you least expect it. I pay for about everything with PayPal myself. I've been on there since they opened. I no longer have the Debit Mastercard as the goofs in the Philippines couldn't handle the name change. The Card kept coming with Erika von Timme (maiden name) and couldn't get it changed to Ostlund... 4 attempts and even my Paypal account was changed right away... wonnerful. Six, Two and Even over and OUT! Erika DD
Greetings James. I use Windows 10 and IE on my computer and I got it done with no problem. And believe me, I'm NO computer wise by far, hi hi. By the way, Great bio page you have there. Good luck, Larry W7GST 73
I have been 2fa pretty much from the beginning but the problem I have is not being able to get a text at work to enter the second code. Oh well I guess I shouldn't be on the Zed at work anyway?!
