Verified Member Status Requirements

Discussion in 'Ham Radio Gear For Sale' started by AA7BQ, May 19, 2019.

ad: L-HROutlet
ad: l-rl
ad: L-MFJ
ad: Left-2
ad: Left-3
ad: Subscribe
ad: MessiPaoloni-1
  1. AJ4GQ

    AJ4GQ Ham Member QRZ Page

    You may not be aware that QRZ has a policy of locking hacked accounts and then not allowing access by the callsign holder until that individual goes through a Verified like identification process and has completed 2FA enrollment.
    Your other thought on making rules changes sounds great but the reality is those folks who are being scammed generally don't read the rules, don't understand them, and will violate any they may be aware of if they think they can get a steal of a deal. Greed and ignorance always prevails.
     
    N0CEL likes this.
  2. W7UUU

    W7UUU Super Moderator Lifetime Member 133 Administrator Volunteer Moderator Platinum Subscriber Life Member QRZ Page

    For those who still do not believe this stuff happens, we just had, in the last 10 minutes, yet another account hacked by someone in Nigeria, posting an FT-891A up for sale. The IP address of the for-sale ad traced to Nigeria. The "seller's" account was closed to prevent further ads being posted.

    Had this "seller" used 2FA, the fellow in Nigeria - even after figuring out the password - would not have been able to log in because he would not have access to the "second factor" (the cell phone or app or other code delivery method) and thus could not enter the 6-digit code.

    I would strongly recommend that everyone think about your password - is it STRONG? If it's just plain words like "appletomato" or "peaceismyfriend" it WILL get hacked. There are zillions of "dark web" hacking tools that will work through millions upon millions of combinations very very quickly.

    Think about using ALL of the following: punctuation, capital letters, lower case, and numbers - and if there is a "word" embedded don't use a word that would be in a dictionary. Make up a word! "&Blorky1689%" would take eons to crack compared to "appletomato"

    The 2FA may seem a PITA but it could possibly prevent a thousand dollar scam - but if you choose not to use it, at least create a much stronger password.

    Dave
    W7UUU
     
    W1WWA and N3AB like this.
  3. KV6O

    KV6O Ham Member QRZ Page

    Rats. Was just about to pull the trigger on a FT-891A that was "gently used by an Nigerian Prince".
     
    W1BR, N3FAA, KB9KQU and 3 others like this.
  4. KJ4VTH

    KJ4VTH Ham Member QRZ Page

    Oh no - all the “good deals” are going to disappear! :oops:
     
  5. AA4ZM

    AA4ZM Premium Subscriber QRZ Page

    There are 2FA app alternatives to Google you can find mentioned online. You do not need to use their app.
     
  6. W7UUU

    W7UUU Super Moderator Lifetime Member 133 Administrator Volunteer Moderator Platinum Subscriber Life Member QRZ Page

    I'm sure QRZ HQ is looking into all of the various options.

    Dave
    W7UUU
     
  7. WB8TCB

    WB8TCB Ham Member QRZ Page

    I too am one of those without a smart phone. Out of town where I live, cell phone coverage is spotty at best, and doesn't even work at all here in the basement where I have my radio shack and computer desk. Being able to do the "Identity Verified" step with the computer is about the only way I would be able to accomplish that.

    Phillip
    WB8TCB
     
  8. W7UUU

    W7UUU Super Moderator Lifetime Member 133 Administrator Volunteer Moderator Platinum Subscriber Life Member QRZ Page

    Based on everything I know at this point, using the computer to "get the code" will most certainly be an option.

    For now, is your password STRONG? See my post above. ANOTHER Nigerian attack in the last hour - hacked a users password

    Dave
    W7UUU
     
  9. AA4ZM

    AA4ZM Premium Subscriber QRZ Page

    QRZ won’t have to “support” any specific app. All of the Google authenticator like apps already support the technology that the site is using. I use an app from a password manager application.
     
    W7UUU likes this.
  10. W7UUU

    W7UUU Super Moderator Lifetime Member 133 Administrator Volunteer Moderator Platinum Subscriber Life Member QRZ Page

    I think the point someone made earlier that there are other authenticators than Google. That's all I meant.

    Dave
    W7UUU
     

Share This Page