Page 2 of 5

Re: Three features you would like to see in 3.3.

Posted: Fri May 11, 2018 1:19 pm
by Wes of StarArmy
Interesting to hear David. Thanks for this informative reply.

I would "like" your post if I could. Maybe we'll see that as a 3.3 feature? :P

Re: Three features you would like to see in 3.3.

Posted: Sat May 12, 2018 3:39 am
by John connor
There's an extension for that. :lol:

Re: Three features you would like to see in 3.3.

Posted: Sat May 12, 2018 6:25 am
by david63
John connor wrote:
Sat May 12, 2018 3:39 am
There's an extension for that. :lol:
But from what I last read it does not fully work with nested quotes

Re: Three features you would like to see in 3.3.

Posted: Sat May 12, 2018 8:12 am
by Mick
Wes of StarArmy wrote:
Fri May 11, 2018 1:19 pm
I would "like" your post if I could. Maybe we'll see that as a 3.3 feature?
Heaven forbid.

Re: Three features you would like to see in 3.3.

Posted: Sat May 12, 2018 10:02 pm
by John connor
Mick wrote:
Sat May 12, 2018 8:12 am
Wes of StarArmy wrote:
Fri May 11, 2018 1:19 pm
I would "like" your post if I could. Maybe we'll see that as a 3.3 feature?
Heaven forbid.
Yeah, when you are used to a platform called Xenforo that tries to copy social media, you expect it. Frankly, I think Xenforo is geared more towards Millennials. That's my take every time I interact with forums that use that paid-for crap.

Re: Three features you would like to see in 3.3.

Posted: Mon May 14, 2018 11:21 pm
by Wes of StarArmy
Forums are social media. Some forums are better social media than others. Millennials are currently people with ages around 17 to 36, which is the core demographic of probably more than half of all forums. It is important for phpBB to evolve to meet user expectations. Likes are great. They provide positive feedback to people who post, which in turn encourages more posting, and it cuts down on one-liner, minimal content posts like "Agreed" which is better for SEO.

Re: Three features you would like to see in 3.3.

Posted: Tue May 15, 2018 1:22 am
by LaxSlash1993
John connor wrote:
Sat May 12, 2018 10:02 pm
Frankly, I think Xenforo is geared more towards Millennials.
Hey now, we're not all that trendy... :lol:

I would love 2fa, coupled with a group setting/permission to force it on users within that group with an optional per-user override.

Re: Three features you would like to see in 3.3.

Posted: Tue May 15, 2018 3:42 am
by John connor
LaxSlash1993 wrote:
Tue May 15, 2018 1:22 am
Hey now, we're not all that trendy... :lol:
:lol: I guess I just beat the millennial epoch for I am 37. :mrgreen: But I am pretty trendy, at least I think so. I wear bowling shirts and cargo pants. Sometimes an occasional Hawaiian shirt. I should have my GTA San Andreas avatar redone to reflect my trendiness. :lol: :D :lol:

Re: Three features you would like to see in 3.3.

Posted: Tue May 15, 2018 11:41 am
by Wes of StarArmy
Two-factor authentication is best practice and it makes no sense for a forum software not to have it because a forum software's reputation, in terms of security, is very important. On my board I force 2FA for all admins and global moderators as part of my security practices, which are listed on my privacy policy as part of how we protect people's personal data.

Re: Three features you would like to see in 3.3.

Posted: Tue May 15, 2018 12:29 pm
by tojag
1. 2FA of course :) If someone has not yet voted, please vote here.

2. Quoting moderation reports to reporters. Usually I reply to the reporters if I reject the report. One small button is missing as with every post - "PM to the author of the report".

3. Enforcing password change for selected groups. Eg. in some countries this is a legal requirement for admins. But I do not want to use the built-in function because it covers everyone, which is inconvenient for ordinary users and not required by law.

Regards

Re: Three features you would like to see in 3.3.

Posted: Tue May 15, 2018 4:09 pm
by LaxSlash1993
Wes of StarArmy wrote:
Tue May 15, 2018 11:41 am
Two-factor authentication is best practice and it makes no sense for a forum software not to have it because a forum software's reputation, in terms of security, is very important. On my board I force 2FA for all admins and global moderators as part of my security practices, which are listed on my privacy policy as part of how we protect people's personal data.
DR is also important. You should have one account that's an admin without 2FA being enabled.
tojag wrote:
Tue May 15, 2018 12:29 pm
3. Enforcing password change for selected groups. Eg. in some countries this is a legal requirement for admins. But I do not want to use the built-in function because it covers everyone, which is inconvenient for ordinary users and not required by law.
Maybe a "group security options" for each individual phpBB group with an option to exempt certain users of that group in general would be nice? Password complexity, max age, old password retention, 2FA Requirement settings, etc...

Re: Three features you would like to see in 3.3.

Posted: Tue May 15, 2018 9:11 pm
by tojag
LaxSlash1993 wrote:
Tue May 15, 2018 4:09 pm
Maybe a "group security options" for each individual phpBB group with an option to exempt certain users of that group in general would be nice? Password complexity, max age, old password retention, 2FA Requirement settings, etc...
Would be nice :) I manage 8 sites supported by joomla and 2 serwer with DirectAdmin. Can't imagine it without 2FA.
Wes of StarArmy wrote:
Tue May 15, 2018 11:41 am
Two-factor authentication is best practice and it makes no sense for a forum software not to have it because a forum software's reputation, in terms of security, is very important. On my board I force 2FA for all admins and global moderators as part of my security practices, which are listed on my privacy policy as part of how we protect people's personal data.
But I see that your site stararmy works on xenforo not phpbb. If You have another site supported by phpBB, please tell us what extension do you use for 2FA. I need it! 2FA with authenticator soft eg. Google Authenticator is the best solution what was invented for everyone without costs.

Re: Three features you would like to see in 3.3.

Posted: Mon Jun 11, 2018 10:07 am
by tojag
Today I enabled 2FA in phpMyAdmin. Starting from v.4.8, phpMyAdmin supports 2FA.
So, now I have 2FA in the Direct Admin Panel, phpMyAdmin, Joomla. Only phpBB remained in my system without this security.

Re: Three features you would like to see in 3.3.

Posted: Mon Jun 11, 2018 1:58 pm
by Lumpy Burgertushie
are you having problems with people/hackers being able to access your phpbb in some way? no, I don't think so. If phpbb were having security issues I would say maybe this was something to worry about. however, as far as I know there are none so why worry about something when there is nothing to worry about.

robert

Re: Three features you would like to see in 3.3.

Posted: Mon Jun 11, 2018 2:32 pm
by Ger
Well, 2FA isn't really about security of the current phpBB login system itself, that's actually fine as it is. AFAIK it's never been hacked.

2FA is securing the bypasses, e.g. when your email account is hacked, somebody resetting your phpBB account linked to that email etc. Or simply somebody guessing your password or when it's retrieved through a MITM attack, a keylogger or just watching over your shoulder while you type it. 2FA is simply extending the "something you know" (password) with a "something you have" (your phone). The combination of those two required to login makes it way more difficult to breach it.