Jump to content
Whatbird Community

Site Problems and Questions for the Moderators


Recommended Posts

3 minutes ago, IKLland said:

When do we have to do that new sign in thing? I wasn’t asked to sing in at all-but I have my settings to “keep me signed in”. 

It will be soon; the admins wanted to give everyone some warning first. But it hasn't happened yet!

If you want to sing in, be sure to mute your microphone LOL!

  • Like 2
  • Thanks 1
  • Haha 3
Link to comment
Share on other sites

Welp, good luck,hope it helps but I won’t be signing in that way, I don’t have a cell phone to get a text and I sure in hell ain’t using google, thanks for all the knowledge  you guys have helped me with and I wish you all good luck….I will stick around till I get the two factor message….

  • Like 1
  • Sad 7
Link to comment
Share on other sites

39 minutes ago, Quiscalus quiscula said:

What is meant by "google authentication app"? That would basically be my only option as I don't have a phone yet.

Just that - an app you'd download to your computer to generate a code to verify your identity.

Link to comment
Share on other sites

4 minutes ago, aveschapinas said:

Just that - an app you'd download to your computer to generate a code to verify your identity.

That doesn't bode well for me...most of the time I browse whatbird as a guest on a chromebook, and as a guest you can't download apps. Whatbird is blocked on my main work device. 

Link to comment
Share on other sites

1 hour ago, pictaker said:

Welp, good luck,hope it helps but I won’t be signing in that way, I don’t have a cell phone to get a text and I sure in hell ain’t using google, thanks for all the knowledge  you guys have helped me with and I wish you all good luck….I will stick around till I get the two factor message….

Would it be possible to have an email address already on file as of July 1 2023 as an option for 2FA?

Link to comment
Share on other sites

If some of y'all wonder if this is necessary, I just clicked the 'Online users' link.  It's not quite 6 am Eastern time, so it's still earlier across most of the rest of North America.

164 users on line in the last 30 minutes.  Only two were named members; the other 162 were 'Guest'.  I'm pretty sure those aren't birders, they're spammers and other malicious attacks.  A quick scan shows a new 'Guest' viewed the site roughly every ten to fifteen seconds.

Edited by Charlie Spencer
Link to comment
Share on other sites

Sounds like stopping the spammers is going to stop some long standing members as well. If an email 2FA isn't feasible, perhaps exemptions could be implemented for existing members, or perhaps special exemptions for those that know in advance that a 2FA is going to be a problem, like @pictaker and @Quiscalus quiscula.  I have no idea if that's possible/practical, but thought it worth mentioning.

  • Like 2
Link to comment
Share on other sites

48 minutes ago, lonestranger said:

Sounds like stopping the spammers is going to stop some long standing members as well. If an email 2FA isn't feasible, perhaps exemptions could be implemented for existing members, or perhaps special exemptions for those that know in advance that a 2FA is going to be a problem, like @pictaker and @Quiscalus quiscula.  I have no idea if that's possible/practical, but thought it worth mentioning.

Agreed, they are both longstanding and valuable members.

  • Like 2
Link to comment
Share on other sites

1 hour ago, Charlie Spencer said:

If some of y'all wonder if this is necessary, I just clicked the 'Online users' link.  It's not quite 6 am Eastern time, so it's still earlier across most of the rest of North America.

164 users on line in the last 30 minutes.  Only two were named members; the other 162 were 'Guest'.  I'm pretty sure those aren't birders, they're spammers and other malicious attacks.  A quick scan shows a new 'Guest' viewed the site roughly every ten to fifteen seconds.

I just did the same thing, there is 146 right now and checking the ip address they almost all say Singapore. 

  • Like 2
Link to comment
Share on other sites

8 hours ago, Kevin said:

I just did the same thing, there is 146 right now and checking the ip address they almost all say Singapore. 

I was one of these 146 ... I opened up a tab for Whatbird this morning at about 6:30 a.m. after I turned on my computer and fired up my browser. I am finally logging in now.

  • Like 2
Link to comment
Share on other sites

I guess you'll be seeing me even less.  Like others here, I don't have a phone (with cell service) so I can't do the SMS texts and I don't know anything about Google's authentication apps, so I don't know if I'll be able to (or want to) log in.  Sorry this is happening and thanks to the administrators for their hard work.

Edited by The Bird Nuts
  • Sad 4
Link to comment
Share on other sites

I usually have to sign on only a couple of times a year on each of my devices.  These include a home computer, work computer, personal cell phone, work cell phone, and personal tablet.  After I'm on, I'm not logged off unless I reboot the device (often not even then).

I don't know how this applies to others and their devices.  If Young Birders only have to log on that infrequently, maybe a parent or older sibling with a phone could assist.

  • Like 3
Link to comment
Share on other sites

FYI

If it is a TOTP (time-based one-time password) authentication following the specifications used by applications like Google Authenticator, you can use any piece of software that supports the TOTP protocol. A fantastic open-source alternative is andOTP on Android. Apple users should use the 2FA system built into their phone.

For computers, the open-source cross-platform password manager KeePassXC is capable of handling TOTP codes as well, so you don't need a phone to use them.

I thought I'd clear up the confusion for those concerned about needing a mobile device or a Google account. @pictaker @Quiscalus quiscula @The Bird Nuts

Edited by Zoroark
  • Like 2
Link to comment
Share on other sites

For those who have don't have a phone/phone that receives texting: if you have a relative or someone with an old phone they don't use you can add a wifi calling/texting app to it and just keep it near your desktop or wherever you view whatbird at. We did this because my parents needed a way to contact me if I was at home by myself, it works just like normal calling or texting but you have to be on wifi. I use TextNow, it's free with adds(which aren't too annoying) and it has worked well for me.

  • Like 2
Link to comment
Share on other sites

17 hours ago, Zoroark said:

FYI

If it is a TOTP (time-based one-time password) authentication following the specifications used by applications like Google Authenticator, you can use any piece of software that supports the TOTP protocol. A fantastic open-source alternative is andOTP on Android. Apple users should use the 2FA system built into their phone.

For computers, the open-source cross-platform password manager KeePassXC is capable of handling TOTP codes as well, so you don't need a phone to use them.

I thought I'd clear up the confusion for those concerned about needing a mobile device or a Google account. @pictaker @Quiscalus quiscula @The Bird Nuts

That's good to know, but I wasn't concerned about using a Google account, I have several.  It's just the inconvenience that would deter me from logging on often.

  • Like 3
Link to comment
Share on other sites

On 7/8/2023 at 6:11 PM, aveschapinas said:

It will be required every time you sign in to the site.

I have no background with coding or website building, but it seems like some of these changes are going to limit the ability for many people to access the site. If it’s possible, instead of having a 2-factor sign in every time you access the site, maybe having a 7-day “remember me” option like most of my school’s website might help mitigate the troubles others will have. 
 

And for those who won’t have the ability to do the 2-factor authentication at all, giving them access without the authentication would be appreciated. For new members, possibly having a “test” period where new members are required to use the authentification for like a week or a month, and after that they are cleared to access the site as long as they are signed in. 
 

Just some thoughts, and I hope these changes can be accommodated to those it will basically force out. I appreciate all the devs are doing to fight the spammers! 

  • Like 7
Link to comment
Share on other sites

I do coding and website building for a living and it's been my "duty" for the last months to take care of the forums, on the code and database part, believe me I've delayed the 2FA issue as much as I could, tried many solutions before, some worked for weeks and even months, then the forums system had an upgrade and my solutions stopped working.
I've enabled the 2FA, on this first stage, for members that "check all the boxes" that a spammer or a random guest trying to get in would. If it stops the spam, that will be it, if not,  mandatory 2FA for everyone will be.

Please bear with us and keep reporting the spam, that I hope will be much less from now on.

  • Like 2
  • Thanks 7
Link to comment
Share on other sites

46 minutes ago, rita said:

I do coding and website building for a living and it's been my "duty" for the last months to take care of the forums, on the code and database part, believe me I've delayed the 2FA issue as much as I could, tried many solutions before, some worked for weeks and even months, then the forums system had an upgrade and my solutions stopped working.
I've enabled the 2FA, on this first stage, for members that "check all the boxes" that a spammer or a random guest trying to get in would. If it stops the spam, that will be it, if not,  mandatory 2FA for everyone will be.

Please bear with us and keep reporting the spam, that I hope will be much less from now on.

So this was a one time deal(at least for the moment)?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...