Let's talk about 2FA on Discord. I know it's important to keep our accounts secure, especially with all the hackers out there, but the current 2FA system needs some serious rework.
Even if we do set up 2FA, it's not always foolproof. If we lose our phone or our authentication app stops working, we could be locked out of our account forever, unless we have a backup code (which most people don't).
The most frustrating part is trying to recover our accounts with 2FA enabled, and it seems like Discord used to allow 2FA recovery in the past but now doesn't even really try to investigate and just sends the copy-pasted response over and over no matter what. Why is it that people who have just lost their phone, codes, or been hacked are unable to get their account back even if they have a huge amount of evidence that they are indeed the owner? It doesn't seem fair. Keep in mind that Discord says "we can't unlock 2FA on this account due to security reasons," which means they can remove it but may not be willing to do so.
Discord isn't even a bank, it doesn't have nuclear launch codes, and anything crazy like that. Even though it is important to keep our accounts secure, how much security is really needed for a social media platform with servers? I understand that credit cards may be attached to our accounts, but Discord can require a password and email notification code to gift Nitro or boost a new server.
Discord should make it easier to set up and manage 2FA. They should also have a recovery process that allows us to unlock our accounts without having to go through a complicated process. And if we provide sufficient evidence to prove our ownership of the account, Discord should help us regain access to our accounts.
It's really frustrating to hear that some users had to resort to dishonesty in the past to regain access to their Discord accounts. However, the current system for account recovery in the event of a hack or lost 2FA has become significantly more difficult, without providing any real assistance or personalized attention. This disregard for account accessibility is unacceptable and needs to be addressed.
Here's how Discord can improve the 2FA system:
- Implement a simpler authentication process, such as sending a code to our email
- Users will be shown the consequences of losing access to 2FA by having them click an "I understand" button that appears for 5 seconds. This will ensure that users are aware of the risks and will take extra care to safeguard their accounts.
- An option to provide the recent transaction number they get when buying Nitro as evidence to recover their account.
- A feature similar to Google's "6 Hour Password Reset." When a user requests to reset their password and 2FA, a warning should appear on the top bar of Discord (which cannot be removed) with an email notification should be sent to the user's registered email address, notifying them of the reset request. This will add an extra layer of security and help prevent unauthorized access to user accounts if it were to occur.
- A tiered security system, allowing users to choose the level of security they want for their account based on their individual needs and preferences.
- The ability to set up security questions instead.
- Provide an option for users to have their backup codes emailed, and make it clear that it's the user's responsibility to secure their email as well.
This list can go on and on, but it's clear that there are many ways Discord can improve their 2FA system to better protect and help their users.
If you guys agree with me, please vote up and make this post known. I'd love to hear what issues you have experienced with 2FA on Discord and how we can make our voice heard and work together to make it better.
TL;DR: The current 2FA system on Discord needs improvement. Even if we set up 2FA, we could be locked out of our account forever if we lose our phone or authentication app stops working. Discord should make it easier to set up and manage 2FA and have a simpler recovery process. They should also allow users to provide evidence such as recent transaction number when buying Nitro to recover their account. Other improvements include a warning and email notification when a user requests to reset their password and 2FA, a tiered security system, and the ability to set up security questions. I wish to push for a better 2FA system on Discord.
Du måste logga in om du vill lämna en kommentar.