Multi-factor authentication

I just accidentally used my Logos password on feedback.faithlife.com, which seems to use an external system. So I changed my Logos password after that, and I found that there's no choice of multi-factor authentication there, hence the suggestion here.
Older threads on the topic:
- 2014: https://community.logos.com/forums/t/87601.aspx
- 2017: https://community.logos.com/forums/t/154701.aspx
So it seems appropriate to suggest again after another 3 years.
In those threads other issues are mentioned such as at rest encryption. But let's focus on multi-factor authentication only here.
Reasons are:
1. Without multi-factor authentication, once your password is known it is game over. And less-than-optimal practice by the majority of users, such as password reuse, coupled with other companies' security breaches, makes it very likely that a pair of email and password is leaked somewhere and could be used to log into someone's Logos account. There are numerous password databases floating around out there.
2. The frequency of these security breaches (recall that another company's breach can harm Logos users too) means that it is now something not very rare, but increasingly more probable.
3. We are having a COVID year... This may not be directly related to Logos users, but the rise of work-from-home has attracted a lot of hacking activity.
4. While it seems like we are not attractive targets (hacking our account to do what here?), some hacking activities are based on pure hatred, and nothing can create more hate than religion, so maybe we're not that small of a target after all.
Comments
-
This is a good idea, but there are some high costs and low benefits (which is why it hasn't been selected for implementation yet):
High Costs:
- We don't have a unified login page yet (but we're working towards it), i.e., not everything goes through auth.faithlife.com. A number of sites, most notably logos.com and faithlife.com (but also sermons.logos.com, biblia.com, and others) provide their own sign in forms. These either have to be migrated to auth.faithlife.com, or independently develop their own 2FA login flow.
- There may be user confusion from being redirected to a separate login site, as opposed to signing in on the site itself. I think this was certainly true in 2014; it may be less of a problem now that the Faithlife brand is more well known (but there are still a lot of people who don't realise that Faithlife produces Logos Bible Software).
- We would need to integrate 2FA into Logos 9 and our mobile apps, and develop app passwords for older versions of that software where 2FA can't be used.
Low Benefits:
- Most users who would enable 2FA already follow password best practices, e.g., already using a unique strong 16+ character random alphanumeric password stored in a password manager. These people are not at risk from having their password exposed in a password breach from another site. (That said, I'm one of these users but I still enable 2FA on sites wherever possible.) The people who would benefit most from 2FA (because they reuse the same password across multiple sites) have never heard of it and wouldn't use it ☹. And of course this isn't a corporate system where we can enforce 2FA for all users to improve security. 😁
- We use a secure cryptographic hashing algorithm for passwords, so Faithlife user passwords would not be trivially exposed if there were a database breach of our account system.
0 -
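The comment above says Faithlife uses "a secure cryptographic hashing algorithm for passwords", without naming it. The following is an added example, not Faithlife's code, showing what that claim needs to mean in practice: a per-user random salt and a deliberately slow, memory-hard KDF (scrypt here, chosen as an illustration; the page does not say which algorithm Faithlife uses), compared in constant time, beside the unsalted fast hash that leaked databases too often contain. The cost parameters and the storage format are assumptions for the example.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed parameters for the example: N=2**14, r=8, p=1 is a common
# interactive-login baseline (about 16 MiB of memory per hash).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
SALT_BYTES, KEY_BYTES = 16, 32


def weak_hash(password: str) -> str:
    """What "hashed" too often means in a breached database: a single
    unsalted SHA-256. Identical passwords give identical digests, and
    commodity GPUs test billions of guesses per second against it."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Salted scrypt hash stored as a self-describing string, so the cost
    parameters can be raised later without invalidating old records."""
    salt = salt if salt is not None else os.urandom(SALT_BYTES)
    dk = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                        n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_BYTES)
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derive with the parameters recorded in `stored` and compare in
    constant time. Malformed records verify as False rather than raising."""
    try:
        scheme, n, r, p, salt_hex, dk_hex = stored.split("$")
        if scheme != "scrypt":
            return False
        n, r, p = int(n), int(r), int(p)
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
    except ValueError:
        return False
    candidate = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                               n=n, r=r, p=p, dklen=len(expected))
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))  # True
    print(verify_password("Tr0ub4dor&3", record))                   # False
```

The practical difference for the thread's concern: after a breach of the weak table an attacker recovers common passwords by lookup; after a breach of the scrypt table each guess costs a full memory-hard derivation per user, which is what keeps a reused password from being "trivially exposed".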
Thanks for the thoughts and a very good summary!
By the way, I found a subtle bug in Logos 9. As I changed the password yesterday, I opened Logos 9 Desktop on a Mac, and there was a red exclamation mark showing it had a problem syncing. At first I thought it was an internet problem, but later I realized it is because I have changed the password, so I need to re-authenticate.
On iOS, it has a different problem in re-entering the password. After changing the password, I think I was logged out from the mobile app. Then, upon logging in with a wrong password, there are tons of pop-up windows showing some resources can't be downloaded (must be some resources I downloaded manually in the app, and the number of pop-ups I need to tap "OK" on is probably as many as the ones I downloaded. Luckily I didn't download a lot...)
0 -
Kolen Cheung said:
By the way, I found a subtle bug in Logos 9. As I changed the password yesterday, I opened Logos 9 Desktop on a Mac, and there was a red exclamation mark showing it had a problem syncing. At first I thought it was an internet problem, but later I realized it is because I have changed the password, so I need to re-authenticate.
Yes, it's a known issue that the desktop doesn't handle needing to reauthenticate very well. This is in our bug tracker.
Kolen Cheung said:
Then upon logging in with a wrong password
I'm not sure I understand. Are you saying that you had to sign in again, but you used the wrong password and the app still let you sign in anyway?
0 -
We don't have a unified login page yet (but we're working towards it), i.e., not everything goes through auth.faithlife.com. A number of sites, most notably logos.com and faithlife.com (but also sermons.logos.com, biblia.com, and others) provide their own sign in forms.
That's for sure! A couple days back, even though I've been Verbumized, neither Verbum nor Logos would 'auth' me ... I snuck in through the forum logon. Troublesome for shopping.
"If myth is ideology in narrative form, then scholarship is myth with footnotes." B. Lincoln 1999.
0 -
(but there are still a lot of people who don't realise that Faithlife produces Logos Bible Software).
Marketing emails like the one I received this morning for having purchased a Logos 9 base package that come from "Kyle from Logos" really don't help with that. If Faithlife wants people to realize that Faithlife makes Logos, Faithlife needs to be consistent. If not, it doesn't matter.
“The trouble is that everyone talks about reforming others and no one thinks about reforming himself.” St. Peter of Alcántara
0 -
I'm not sure I understand. Are you saying that you had to sign in again, but you used the wrong password and the app still let you sign in anyway?
No. Say I have password A, changing to B. Upon changing to B, the iOS Logos app logged me out and wanted me to sign in. I signed in using A accidentally. Now the app said the password was wrong, and a bunch of pop-up windows said I cannot download resource X, Y, Z, etc., obviously because I have a wrong password so they can't authenticate.
So the subtle bug in this case is: imagine someone has 5000 books downloaded to their iOS device, and if they re-authenticate incorrectly, there will be 5000 pop-ups and they need to tap all of them (in this case they should probably force-quit the app and hope they disappear).
0 -
I agree with the OP's request for second-factor authentication. Passwords are fundamentally broken, and currently Logos is very insecure in comparison with most other essential online services that I use. Behind merely a password are thousands of dollars' worth of books and possibly irreplaceable notes and Bible studies from a decade of use. Someone could easily hijack the account and make notes disappear or create orders with the stored credit card details.
I would suggest a voluntary choice of solutions for second factor authentication:
- Email confirmation on a new device
- SMS confirmation on a new device
- TOTP Authenticator code for each login
- none of the above for those who wish to remain insecure ;-)
Currently Logos does not even ask for confirmation for a change of email address. I have been with Logos since 2011, and I am really shocked at the lack of account protection.
0 -
FWIW - I am not a security expert and I don't have any special knowledge of Logos' security roadmap, but since this thread started in 2020, the support of passkeys by Google, Microsoft and Apple under the FIDO2 framework started in 2022. I have read that passkeys will render some elements of 2FA unnecessary, so I would expect that any updates to Logos' security will take into account where the industry is headed.
0