2 Factor Authentication

Pretty straight forward idea, could we get support for 2fa on Trakt? :closed_lock_with_key: Perhaps push notification authentication support as well? :bell: :smile:

EDIT: Old forum topic…
https://trakt.tv/forums/ideas/topics/2-factor-authentication

2FA ? Really ? What for ?

I mean what is the sensitive data here that you’d want protected ? Some hacker would maybe mark shows that you’ve not seen ? Don’t get me wrong 2FA is good, but depending on the context, not lways useful, and i don’t believe that the usefulness of 2FA on trakt would outweigh the added inconvenience (i use trakt on dektop myself, not cellphone so grab cellphone, fire your authenticator app, grab the OTP type it back in the field… every … time. It already bugs me to no end on sites where I chose to implement it because I need the security there, but for a leisure app where there are virtually no personal info, and where I use a unique secure passord. WHY ? (oh yes and authenticator app, because OTP via text message have a cost, are insecure, (vulnerable to MiM attack since the OTP travels non encrypted and are on they way out) (and 2FA on push notification ? like the plex scrobbles ? Are you purposefully trying to make my life hell ? :astonished:)

1 Like

First off you do not have to use 2fa if you do not want to, you almost always have to opt-in. I am not suggesting forcing it on anyone. Just the option there for those that want it. :smile:

My account give access to my email address, my forum account with DM’s and privileges and a VIP account that I paid for. As well as any personal info that I could add to my account such as DOB, gender, location/time zone, streaming services that I use (if I used the same login info across sites that would be a problem).

Also yes I have put lot of time into building my watched history, ratings, lists and collection. I would rather not take the chance that an individual could just delete my account.

So of course I want to keep it secure just like I would with any social media account. Such as I would with Reddit, Twitter, ect. Even Epic Games has 2fa now.

That is why I mentioned 2FA using push notifications. Also the Trakt team is making an app, just add that as an integration. Also there are lesser used methods like security keys(YubiKey for example.)

Also all that is protecting a Trakt account is a password, because everyone can sign in with their username so that is half of the login info right there. There also does not seem to be a failed login cap or even a captcha if you fail to sign in.

True, true, 2fa via text is garbage. :face_vomiting:

Like Duo Push or use the new app as I mentioned, don’t know what you mean by Plex scrobbles.

No of course not. :face_with_raised_eyebrow: Not totally sure why you are asking that? :thinking:

3 Likes

Any new plans to implement 2FA?

I propose merging this into Basic 2FA (via external app) (which is newer, but has more votes).

2 Likes