|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
22 Jul 2016, 07:41 PM | #1 | |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
Just received E-Mail message from Fastmail
Good day.
I just received the below message from Fastmail. I've never set-up any "alternative logins." Anything to worry about? Thank you. -- Jacinto Quote:
|
|
22 Jul 2016, 08:06 PM | #2 |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
As instructed in the message, I logged-in here:
https://www.fastmail.com/go/altlogins To my surprise, I had created an AL for one of my accounts (now deleted). My passwords are long passwords containing lots of symbols and my accounts have never being compromised. I'm afraid that if I start playing with passwords, etc., and lock myself out of an account, given Fastmail's lethargic Tech. Support, it could be days before I can get back in (especially with a weekend coming up). We'll see. -- Jacinto |
22 Jul 2016, 08:36 PM | #3 |
The "e" in e-mail
Join Date: Jul 2002
Location: VK4
Posts: 3,028
|
I hate this part....
On Monday, 25th July or as soon as possible after that, we recommend that you migrate to the new security system. You can do that by logging into your account using your master password, and from the main menu at the top left selecting the "Password & Security" screen. From there, you can set up recovery options for your account, enable two-step verification, and create app and protocol specific passwords to use with 3rd party apps. The system has worked well enough for the last 15 years....why change it now... Do we really have to have the two-step verification? Last edited by Terry : 22 Jul 2016 at 08:44 PM. |
22 Jul 2016, 09:32 PM | #4 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Note to Moderators
Suggest this thread is merged with the main thread on the same subject.
|
23 Jul 2016, 02:23 AM | #5 |
Essential Contributor
Join Date: Oct 2004
Location: Baltimore, MD Suburbs (US)
Posts: 237
|
Okay, so my kids have received this email message as well. I use a family account, and there are two logins to each kid's account. One is limited, the other is the full login. They only have the password for limited, that way I can control things like filtering. (I use it to make sure I get a copy of every email they send and receive to make sure nothing fishy is going on). Is that ability being taken away? I can't think of anything else security wise that is active in their accounts.
|
23 Jul 2016, 02:39 AM | #6 |
Cornerstone of the Community
Join Date: Mar 2002
Location: Florida
Posts: 545
|
Fred suggested moving this discussion to the main thread about the security changes. I agree with Fred.
|
23 Jul 2016, 03:43 AM | #7 |
The "e" in e-mail
Join Date: Jul 2002
Location: VK4
Posts: 3,028
|
I dont agree it covers a different subject
|
23 Jul 2016, 06:21 AM | #8 |
Cornerstone of the Community
Join Date: Jul 2009
Posts: 879
|
What about legacy Member and Guest accounts? A family member has one of those and has not received any sort of email about login requirement changes or anything else from Fastmail. Will some sort of 2FA login be required on that account next month, or is there only an option to add such a thing if desired? I hope it isn't mandatory, since the user of that account certainly has no need or wish for it. As I say, there has been no notification to that account. Can anyone advise me on this point?
|
23 Jul 2016, 06:48 AM | #9 | |
Master of the @
Join Date: Nov 2002
Location: Canada
Posts: 1,015
|
Quote:
They aren't forcing everyone to enable 2FA. It will simply be an option for those who desire it. |
|
23 Jul 2016, 09:09 AM | #10 | |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,095
|
Quote:
|
|
23 Jul 2016, 01:09 PM | #11 |
The "e" in e-mail
Join Date: Jul 2002
Location: VK4
Posts: 3,028
|
They need to hide the backup email address as currently it's being shown
|
23 Jul 2016, 02:42 PM | #12 |
Cornerstone of the Community
Join Date: Mar 2011
Location: ~$
Posts: 652
|
I don't care about 2FA, because I rarely use the web interface and I don't use the Fastmail app.
What I do care about is giving a different password to each PC or mobile app that I do use, so that I can easily revoke access if necessary. No amount of 2FA is going to make my IMAP/SMTP sessions more secure. Alternative logins, on the other hand, serve this purpose very well. According to the blog post, there will be some sort of "app password" feature to replace the way I'm using alternative logins. As of today, that feature is nowhere to be found. According to the notice, it may arrive some time after Monday. And despite the fact that an app password would serve the same purpose as my current usage, I'll have to manual migrate all my alternative logins. FastMail managed to migrate all my rules to the new system, why can't they do the same with alternative logins? FastMail: If you want to tell me to stop using a feature, that's okay, but don't send the notice until the replacement feature is ready to use. |
23 Jul 2016, 10:43 PM | #13 | |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
Quote:
I only received the message of reference on the account that had a (long forgotten) AL. -- Jacinto |
|
23 Jul 2016, 10:50 PM | #14 | |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
Quote:
I'm not a casual E-Mail user and am very concerned about security. Having said that, I use long passwords with lots of non-alphanumeric characters and have never been hacked. Two step logins are fine if that's what you like. I would prefer Fastmail allowed the use of pass phrases as well as passwords. Once you add-in empty spaces, you should be good-to-go as far as security is concerned. -- Jacinto |
|
23 Jul 2016, 10:51 PM | #15 |
Essential Contributor
Join Date: Jun 2009
Posts: 395
|
|