Enhance Security request

Martijn_Duijm · December 28, 2021, 4:10pm

Hi,

Not sure why this is not yet implemented, as this is common with most internet basic applications. But please add asap the possibility for users to enable 2FA to protect their account.

Also please send a notification when someone logs in to their account, including IP address / location. This way you should be notified if someone else is using your account.

Username / password is really super insecure! I cannot understand why this is not yet implemented.

Anyhow, hope this can be addressed soon.

I guess this is overkill, but more information can be found on google / wikipedia if you search for 2FA. (link is not allowed I see which is super!)

thank you,

Martijn

Chris_D9 · December 28, 2021, 6:02pm

That’s a decent idea, but given the companion app drop out issues many people were having (and some still have) it might be difficult to log in at all.

BooX · December 28, 2021, 6:56pm

+1 for an option to enable 2FA auth.

BooX

Anna_Ronkainen · December 28, 2021, 7:01pm

While I’m certainly not against the idea, I somehow don’t see myself using it as long as the app has a habit of forgetting my credentials (happens simultaneously on all installed apps and the my.zwift.com website whenever it happens) once every month or two…

Dave_ZPCMR · December 28, 2021, 7:24pm

Does it forget your username (email address), out of interest? The launcher I mean.

Run.10K.Every.Day · December 28, 2021, 8:45pm

Once in a blue moon mine does Dave.

Anna_Ronkainen · December 28, 2021, 9:26pm

Good question. Can’t say for sure but I think it does. Having to log in to a website as well (and that’s on a different machine) suggests to me that it at least isn’t anything specific to my local installation.

Dave_ZPCMR · December 28, 2021, 9:29pm

Reason I ask is I’m currently struggling to find a way to forget it on the new launcher, even when I want to. So you’d be sorted.

Edit*: Okay I’ve figured it out now.

*after spamming the login server about 100 times

Martijn_Duijm · January 3, 2022, 10:27pm

Hi. I understand forgetting credentials is a thing. Perhaps good to know and perhaps a tip is to use a single browser across platforms that support passwords or what I do myself is using apple keychain. This way I have a 16 character password which is unique for Zwift and I don’t have to remember. 2Fa is for all users an extra layer but specifically for people that re-use passwords across websites. Facebook / Google / insta / Twitter they all use it, however too bad not mandatory. Which leads to account takeover.

Anyhow sorry for the long story. thanks for all comments and votes!

Run.10K.Every.Day · January 4, 2022, 9:28pm

Dave,

There’s an easier way of doing this. I had to do it after inadvertently inputting my username incorrectly and it remembered it.

Apols if that’s not what you meant or I’m trying to teach you to suck eggs.

Dave_ZPCMR · January 4, 2022, 10:33pm

That’s on the old launcher, it doesn’t work on the new one because it’s not IE-based any more. I got the answer from HQ anyway, just after I figured out a ludicrously convoluted way to do it manually.

Run.10K.Every.Day · January 9, 2022, 9:12am

Can you share your knowledge Dave, I’m about to give away my old Zwift PC but it’s still populating my email address in the launcher.

Thanks in advance.

Anna_Ronkainen · January 9, 2022, 12:51pm

Ok, it happened again. Yes, the application still remembers my email when it forgets my credentials.