Implement 2-step verification

I, as many others, have put a lot of effort into iNaturalist. I would like to see the implementation of 2 step verification to make it nearly impossible to get hacked. I would be devastated beyond repair if I lost my account. I would really, really suggest that the devs add more security to the site.

While iNat may be an exception, I’ve been pretty resistant to 2 step that relies on phone numbers because I don’t want that to be out there available either, and I was proven right when Facebook was caught selling them. While I in no way think iNat would do that, I’d rather not see anything relying on phone numbers please. (At least not if it’s mandatory or naggy.)

3 Likes

I actually agree with you on that. But I was more thinking along the lines of something like Authy, which generates a 6-digit code every minute which you can log in with.

3 Likes

Although iNaturalist does not contain sensitive information (like bank information and such), I agree, I would like to see two-step verification as an option to users. I think options to add two-step verification using a code via text message or phone call, a phone prompt, an authenticator, and/or a security key would be great.

2 Likes

I’m not clear on what this is being proposed to be for. Is this something you’d have to deal with every time you log on? I would hope this could be just optional if implemented, I hate dealing with sites with that sort of login process, especially if it’s phone-oriented (I have terrible and inconsistent cell coverage at home and in many places I work/iNaturalize).

Something optional for those worried about security would be fine, but if it wasn’t optional and involved giving the site private info like phone numbers I would stop using the site.

I can’t really imagine why someone would want to hack my account here, unless it was personal, i.e. someone I know. A lot simpler to create free accounts for posting spam. I would suppose the worst scenario for me is if they hacked the account then deleted it. I could recreate my observations (or most of them), as my photos are all in a database. It would be more of a challenge to redo the 28990 identifications for other people though :-)

2 Likes

Yeah, I admit I am very skeptical about 2 factor in general. I’ve only been ‘hacked’ once ever: my ATM card, which has excessive requirements to log in to the point where it’s mostly not even a usable website. I’d be devastated if I lost my observations too, but there’s no real motivation for hackers to get into iNat data, other than perhaps some poachers if you post a lot of rare stuff, which I do not. And while I will sometimes give my phone number to individuals (probably several of the iNat staff already have it), I don’t give it out to webpages, and with many other webpages the phone numbers get hacked or are sold outright, and I already get so many junk spam type phone calls that I literally never answer my phone unless I recognize the number. I don’t need more of that. My guess is that something like Authy makes sense for bank accounts and such, but probably involves a ton of dev time to implement and thus probably isn’t worth it here; instead a robust system of backing up the database is probably a better choice, as well as making sure it isn’t easy to delete accounts without being sure it’s the real account holder doing so. Though as long as it’s optional and doesn’t constantly pop up pestering nag screens the way Facebook does, I don’t really care if it’s implemented. I doubt I’d use it though.

I agree, I wouldn’t put my phone number in either, but I think it is simply just nice to have an extra layer of security for something you love. It’s all just precaution. I brought this topic up because a friend of mine first had his Twitch account taken over, then his Twitter, AOL, Facebook, PayPal, etc. He got them all back, but the ones that were hacked were the ones without 2 step. I simply wish for there to be an option to satisfy my paranoia.

Hackers might be interested in hacking any account on the internet regardless of who made it just for access to the email and password information, because of how many people use the same information for all their accounts.

4 Likes

It’s a really good idea; if using a new or unfamiliar device, then additional verification may be required.

1 Like

I’d imagine you just login once on your phone or web, and unless you log out you wouldn’t need the authentication code.

iNatForum currently has the option for two factor identification. The features being described here mirror what iNatForum currently offers.

  1. Two factor identification is totally optional (so users who don’t want to hassle with it are not forced to use it).
  2. You can use an authenticator of your choice.
  3. You can choose to use a security key / backup code instead of an authenticator.

I personally would be happy with a system similar to what is being used here.

2 Likes
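The "6-digit code" authenticator flow mentioned earlier in the thread and the authenticator-plus-backup-code option listed above are both the same standard mechanism underneath (HOTP, RFC 4226, driven by a time counter as TOTP, RFC 6238). The block below is an added illustration written for this thread, not iNaturalist's, Discourse's or Authy's code. It assumes the RFC defaults (HMAC-SHA1, a 30-second step, 6 digits), and the class name `TwoFactorAccount`, the `window` parameter and the hex backup-code format are choices made here for illustration. It shows the server side a site would need: code generation, verification with a small clock-skew window, rejection of a code that was already accepted (replay protection), and single-use backup codes stored only as hashes.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time
from typing import Optional
from urllib.parse import quote

# RFC 6238 defaults; the common authenticator apps use these unless told otherwise (assumption).
TOTP_STEP = 30
TOTP_DIGITS = 6


def hotp(secret: bytes, counter: int, digits: int = TOTP_DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = TOTP_STEP) -> str:
    """RFC 6238: HOTP with the counter derived from wall-clock time."""
    return hotp(secret, unix_time // step)


def provisioning_uri(secret: bytes, account: str, issuer: str) -> str:
    """The otpauth:// URI an authenticator app scans as a QR code at enrolment."""
    b32 = base64.b32encode(secret).decode().rstrip("=")
    return (f"otpauth://totp/{quote(issuer)}:{quote(account)}"
            f"?secret={b32}&issuer={quote(issuer)}&digits={TOTP_DIGITS}&period={TOTP_STEP}")


class TwoFactorAccount:
    """Server-side state for one user's optional second factor (illustrative class, not a real API)."""

    def __init__(self, secret: bytes, backup_count: int = 8):
        self.secret = secret
        # Highest time-step counter already accepted; a code for that step or earlier is refused.
        self.last_used_counter = -1
        # Backup codes are shown to the user once at enrolment and kept only as SHA-256 hashes,
        # so a database leak does not hand out working codes.
        self.enrolment_codes = [secrets.token_hex(5) for _ in range(backup_count)]
        self._backup_hashes = {self._hash(c) for c in self.enrolment_codes}

    @staticmethod
    def _hash(code: str) -> str:
        return hashlib.sha256(code.strip().lower().encode()).hexdigest()

    def verify_totp(self, code: str, now: Optional[int] = None, window: int = 1) -> bool:
        """Accept a code for the current step or `window` steps either side, each step at most once."""
        if now is None:
            now = int(time.time())
        counter = now // TOTP_STEP
        for offset in range(-window, window + 1):
            candidate = counter + offset
            if candidate <= self.last_used_counter:
                continue  # replay protection: this step (or an earlier one) was already consumed
            if hmac.compare_digest(hotp(self.secret, candidate), code):
                self.last_used_counter = candidate
                return True
        return False

    def verify_backup_code(self, code: str) -> bool:
        """Each backup code works exactly once; the hash is deleted on use."""
        digest = self._hash(code)
        if digest in self._backup_hashes:
            self._backup_hashes.discard(digest)
            return True
        return False


if __name__ == "__main__":
    # Constructed demo secret: the shared key from the RFC 4226 / RFC 6238 test vectors.
    demo_secret = b"12345678901234567890"
    acct = TwoFactorAccount(demo_secret)
    print(provisioning_uri(demo_secret, "someone@example.org", "ExampleSite"))
    print("code now:", totp(demo_secret, int(time.time())))
    print("one backup code:", acct.enrolment_codes[0])
```

Two points the thread's discussion glosses over show up in the code: the window lets a phone whose clock is a little off still log in, but once a step has been accepted it is burned, so an attacker who shoulder-surfs a code cannot reuse it within the same window; and the backup codes are the "security key / backup code" alternative with no phone number involved at all.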

I already added 2 step on my account for the forums. It’s weird they added it on the forums but not on the main site.

2 Likes

The forums are through Discourse and not created by iNat.

1 Like

As a PhD student who interacts and dabbles in security research, but primarily focuses on citizen science technology and communities: the 2 factor security can be implemented and IMHO should be implemented for at least certain accounts containing observations that may be sensitive in their observations, such as identification of rare plants and animals of value in trade (have we reached high tech poaching yet?), if these observations become hidden from search/public view. I haven’t investigated how these sensitive observations are managed by iNaturalist, but these could be potential reasons to implement and require 2 factor, and it is part of ongoing discussions on balancing risks with open data. There are more usable two factor designs such as the push prompt, where you log in on your computer and a push notification asks you to verify if you are accessing your account (requires two devices and network connectivity); there are hardware keys like YubiKey which would allow offline verification; and there are the local device rotating time based codes. The 2 factor should be an option as well to protect those who have established reputations and could be harmed, or whose account takeover could mean bad data being entered and a lower chance of review. The dev time to implement most of these isn’t too much effort, but thinking through why and by whom the account protection is needed should be considered. Usable security balances risk and access, and I would advocate for having 2 factor available and encouraged with a key thought to how it is implemented.

2 Likes

I know this may not be something that can be shared, but has iNat ever been hacked in a way that two factor can prevent? Strikes me as another gimmicky thing that will annoy users and won’t stop strongly motivated hackers… but I guess I could be wrong about that?

It’s not a gimmick. It’s the same idea as nuclear launch codes. You need multiple codes, but in this case it’s only 2: 1 password and a code that randomly generates every minute. It makes it much harder to hack.

It’s a gimmick if it’s excessive and not needed. That’s why I was wondering if there’s ever been an issue that it would have helped with here.

Don’t you already have the option to sign into iNaturalist via a Facebook or Google account? Can’t you get your 2-factor authentication that way?

No. That’s more of an ease of access thing.