Attention New measures to stop scams and dishonest behavior in the Exchange

[Rick Roehrig]

2 factor authentication makes me re-login in with a code every 30 days.

Simple.......if you haven't logged in the past 30 days just make all profiles require 2 factor.

But a good portion of this site never reads anything and will whine and moan about "2 factor".

I've been using 2FA for the last couple of years. It's not difficult to set up or use. I second the motion to make it required.

 

[knarfeng]

I've been using 2FA for the last couple of years. It's not difficult to set up or use. I second the motion to make it required.

I am not in favor of 2-factor ID. I do not tie any web site to my phone. I do not remain logged in on any site. Nor do I allow any of my machines to remember any of my passwords. So using 2-factor ID means I would need to log into two separate sites, which I find annoying. I depend on a 15-character password containing caps, smalls, special characters, and numbers, which I use only on this site and which bears no similarity to any other password I use.

It's been shown that forcing people to change passwords on a regular schedule leads to people using simple, easily guessable passwords. It is better to have a strong (complex) unique password.

 

[RoyalHolic]

I am not in favor of 2-factor ID. I do not tie any web site to my phone. I do not remain logged in on any site. Nor do I allow any of my machines to remember any of my passwords. So using 2-factor ID means I would need to log into two separate sites, which I find annoying. I depend on a 15-character password containing caps, smalls, special characters, and numbers, which I use only on this site and which bears no similarity to any other password I use.

It's been shown that forcing people to change passwords on a regular schedule leads to people using simple, easily guessable passwords. It is better to have a strong (complex) unique password.

Most people use 2F though these days. Every secure banking website and app, Amazon, Ebay pretty much all of them have 2F.

Hard passwords are fine too but if someone has been dormant for a year or a few months taking a sabbatical and coming back to 2FA would be a lot easier especially since most people tie everything to their phone now.

Hackers could never get into dormant accounts if 2FA was automatically enabled.

 

[knarfeng]

It's certainly a valid option. But, I'm not in favor of making it a requirement.
There are also password managers and generators which can be used.

 

[Rick Roehrig]

I am not in favor of 2-factor ID. I do not tie any web site to my phone. I do not remain logged in on any site. Nor do I allow any of my machines to remember any of my passwords. So using 2-factor ID means I would need to log into two separate sites, which I find annoying. I depend on a 15-character password containing caps, smalls, special characters, and numbers, which I use only on this site and which bears no similarity to any other password I use.

It's been shown that forcing people to change passwords on a regular schedule leads to people using simple, easily guessable passwords. It is better to have a strong (complex) unique password.

The 2FA that this forum uses is not tied to my phone.

 

[knarfeng]

The 2FA that this forum uses is not tied to my phone.

But it is tied to another account someplace. So unless you are always logged into that other account, that means logging in to two accounts.

 

[RoyalHolic]

But it is tied to another account someplace. So unless you are always logged into that other account, that means logging in to two accounts.

If you have a gmail/microsoft account you already have it on your computer.

You can get authentication codes on your computer, your email or operating system provide it.

 

[Rick Roehrig]

But it is tied to another account someplace. So unless you are always logged into that other account, that means logging in to two accounts.

No, OSX takes care of the authentication. I don't have to log in as a separate step. Your situation may not be the same as mine though.

 

[knarfeng]

If you have a gmail/microsoft account you already have it on your computer.

You can get authentication codes on your computer, your email or operating system provide it.

As long as you remain logged into that account.
I never remain logged into any account, anywhere. When I am done with an account or a site, I log out.
I never log into Google on my primary computer. And I don't run Windows or IOS

 

[klikekyle]

I understand wanting to protect all parties but this won’t prevent scammers from scamming. What works is due diligence and personal responsibility. You had a great pinned post that made people aware of ways to protect themselves. I feel updating that with password, timestamp, vouches and other suggestions mentioned here would be better than making it clunkier for the average hobbyist to post knives up. Yes it’s a piece of paper but that can be done via a PM. It’s just adds more wasted time for mods to babysit posts IMHO.

BF does not charge a commission like eBay so there’s no liability on their part and I know when a deal goes bad mods are quick to address which is great.

That said rules is rules.

 

[Jack Black]

I don't sell, but these sound like sensible changes

 

[dutch_0311]

So no more bumping your sales posts? That will greatly reduce the chance of getting your item sold as most people only check the newest posts each day.

 

[bbk357]

So no more bumping your sales posts? That will greatly reduce the chance of getting your item sold as most people only check the newest posts each day.

?
On BF bumping does not actually bring it to the top like some forums. Not sure what you’re asking?

 

[SwissHeritageCo]

Most people use 2F though these days. Every secure banking website and app, Amazon, Ebay pretty much all of them have 2F.

Hard passwords are fine too but if someone has been dormant for a year or a few months taking a sabbatical and coming back to 2FA would be a lot easier especially since most people tie everything to their phone now.

Hackers could never get into dormant accounts if 2FA was automatically enabled.

Yeah it sucks too. Particularly if you used a privacy based web browser or any kind of "no fingerprint" settings, they force the 2FA on you Both ebay and paypal does this.

 

[dutch_0311]

?
On BF bumping does not actually bring it to the top like some forums. Not sure what you’re asking?

So you’re telling me that it didn’t used to bump your post? Been in this forum for a very long time and would watch my post bump to the top each time I added to the comment section. That seems to have changed somewhat recently. If that’s the case, no wonder why my items don’t sell as fast as they used to. When did this change?

 

[Peter Hartwig]

^^^ If you mean recentlty, last 20 yeares maybe. Posting in your thread will show as a new post, but does not move the thread. You have to wait 14 days, then post a new thread. Some were deleting the contents of their thread, and reposting less then 14 days. They won't be able to do that now.

 

[dutch_0311]

^^^ If you mean recentlty, last 20 yeares maybe. Posting in your thread will show as a new post, but does not move the thread. You have to wait 14 days, then post a new thread. Some were deleting the contents of their thread, and reposting less then 14 days. They won't be able to do that now.

Hmm…it has never seemed that way. I always thought that every 24 hours you were allowed to add a comment which would breathe new life into your sales thread and move it back to the top. Anything less would be counterproductive to your sale. Many other forums do it that way and sales get a lot more exposure. More exposure = faster interest/sale of your item. Pretty basic concept.

 

[Peter Hartwig]

See #111 seers in exchange rules

Exchange Rules

How you should handle yourself in The Exchange

www.bladeforums.com

 

[kreole]

Hmm…it has never seemed that way. I always thought that every 24 hours you were allowed to add a comment which would breathe new life into your sales thread and move it back to the top. Anything less would be counterproductive to your sale. Many other forums do it that way and sales get a lot more exposure. More exposure = faster interest/sale of your item. Pretty basic concept.

Yeah that was a thing but has been gone years now. There used to be a rule about bumping where you could do it every 24 hours iirc, but as Peter said the forum got rid of the rule and instead made the forum sort by first post by default. Made/Makes for less stuff for mods to do because people broke that rule constantly.

Edit: If yours shows otherwise, it's because you changed the settings there to sort by last post instead.

 

[dutch_0311]

Yeah that was a thing but has been gone years now. There used to be a rule about bumping where you could do it every 24 hours iirc, but as Peter said the forum got rid of the rule and instead made the forum sort by first post by default. Made/Makes for less stuff for mods to do because people broke that rule constantly.

Edit: If yours shows otherwise, it's because you changed the settings there to sort by last post instead.

I guess I never realized that had changed. Sounds pretty lazy on the mods behalf but it is what it is I suppose . Good thing we’re not paying to use this forum….oh wait .