-
Open standard 2FA with QR codes Could we please move away from the Authy only 2FA implementation currently used and provide standard TOTP and QR codes?
This would work much better for people who already have a stack of 2FA accounts in other solutions, remove reliance on a single application, fix issues with support (eg. Windows Phone), remove the need for a phone number (important for younger users I'd imagine) and generally increase flexibility and usability of 2FA for everyone by not locking us into a proprietary implementation.
236 votes -
add the ability to use a Yubikey or other kinds of usb 2auth devices It would be really nice to use a usb device for 2auth (something like the yubikeys).
130 votes -
Provide backup codes for 2FA Also provide other options for 2FA apps not just Authy
106 votes -
Stop requiring a phone number to set up 2FA. First of all, good job on implementing non-Authy, non-SMS 2FA!
That being said, there's still a major hole in your 2FA implementation, and that's requiring a user to set up SMS authentication before they can set up other forms of 2FA. Unless I've missed something huge, whenever I try to set up 2FA on Twitch, I get directed to put in my phone number first. There's no prompt I can use to skip this step.
This is completely counter to how a lot of other sites do 2FA, where SMS authentication is an option, not a requirement. You can completely…
88 votes -
An option to disable SMS authentication fallback after enabling Authy. SMS as 2FA is well known to be the least secure of the methods available but still a better option than no 2FA at all, but I suggest an option to disable it as a fallback after having enabled Authy to lessen the security risks to the user account. You could learn from others mistakes such as Reddit's: https://arstechnica.com/information-technology/2018/08/password-breach-teaches-reddit-that-yes-phone-based-2fa-is-that-bad/
72 votes -
Your TFA requires a phone. the need to use other time based 2FA without the need of a SMS capable phone to use. Many sites now uses 2FA and a single platform to build it around doesn't make sense.
please use a open system
59 votes -
Stop using my mobile number for creating an Authy account In https://help.twitch.tv/s/article/two-factor-authentication?language=en_US#Emotes?tt_content=two_factor_emote_rewards&tt_medium=notification_center it says that "When you set up Two-Factor Authentication on your account, an Authy account is automatically created for you even if you choose to actively use an alternative authentication app. This means you can fill out Authy’s Phone Change Form and recover access to your account." I don't need you creating an Authy account behind my back. You have to give us the option to undo this.
24 votes -
Affiliates should be Verified Accounts for Phone Verified Chat re: https://blog.twitch.tv/en/2021/09/29/securing-your-chat-with-phone-and-email-verification/
The FAQ suggests alternatives to mobile verification, VOIP, et al., are not good enough for verification; i.e., too cheap to spoof.
I'm an affiliate in long standing, can that fact not be verification that I can be trusted not to make duplicate accounts? Twitch has my tax ID, I'm pretty sure that they're pretty sure who I am. I do use Authy (and other online services) for verification, but I do not use cell networks ("mobile").
It makes little sense that Twitch has approved Us affiliates to represent their Terms of Service well enough to pay us, yet…
12 votes -
A verification method that can be used to clearly and unambiguously exclude bots Many streamers are currently being flooded by bots. There are no adequate filter mechanisms such as Captcha or other authentication methods that probe the creation of multiple fake accounts.
Twitch should use a secure authentication method for account creation as soon as possible so that so-called bot accounts and fake accounts can no longer be created in the future.
These bots make it unnecessarily difficult for honest streamers to apply for a partnership. In addition, it is almost impossible for streamers to prove that they have not bought or deliberately used any bots such as follower bots.
Dear community, please…
8 votes -
Use 2FA Phone Number to Count as Chat Verification
…I am suggesting an idea which would utilize having set up 2FA using a phone number to count for chat verification as well. I was in a raid but when I got to the destination streamer I couldn't send messages in the chat even though I had followed that channel. I got a message saying that I couldn't chat because my account wasn't verified. I clicked on the little info icon, and it explained it and I was able to get into chat fine. I was confused though, because I have had my Twitch account set up with 2FA using
7 votes -
U2F/FIDO support for Authentication I understand Twitch has recently allowed people to use other apps for means of authentication, but please allow users to use U2F/FIDO authentication, this is not only more secure but also very reliable. Having a U2F as primary with a TOTP as a backup is in my opinion the best method of security, given that Affiliate/Partner accounts hold alot of personal Tax information, I feel this fits more as it's such sensitive information.
5 votes -
Go back to old way of signing in. This just ruins twitch altogether, please please please go back to singing in with email.
5 votes -
Google or another 2FA Add support for Google Authenticator or Another alternative beside Authy
5 votes -
Twitch affiliate for less well off Hi, I just contacted PayPal about a fraud against me.I had contacted this site for help with affiliate status and receiving donations. Which would be very useful to me given my social status.
Can't I have affiliate status given the need and collaboration?
4 votes -
Stop thinking i'm a bot and asking for a mobile sim card on a verrified email account Right now i can't chat on any twitch cause its asking for me to enter a mobile number. and despite my repeated attempts at getting SOMEONE to disable this stupid targeting on my accounts, nobody is listening. And no I'm not giving my mobile number. u have my verified email and i shouldn't be scrutinized to enter a mobile number. If you need mobile numbers on my account then i'm not using twitch period. and unsubbing from everything and moving to another platform. the fact you single me out for using twitch-tools.de and a vpn shows you don't care about…
4 votes -
IP logging Log IPs of all attempted logins to an account. This way we can report suspicious behavior to you and to authorities/banks when it occurs.
Reason being, I have received multiple 2FA codes on my phone and have no way to report these unauthorized attempts to access my account. I have changed my PW and am still receiving these codes. I have ran two separate virus checkers and come back empty from both.
Thank you.
2 votes -
2fa but with email backup tokens Simply you should add a recover account option for 2fa where you receive a token to open your account
2 votes -
Please Fix 2fa set up so that it works with all phoneS Please Fix 2 fa so it works with all phones. I am currently having to find a work around because MY cell carrier is NOT supported. it is preventing me from getting my affiliate that is B.S. There should be another option to authenticate other than cell phone OR your system should just send a code out to what ever # i put in even if it is not on some list. this is crazy as my Number works for every other site on internet!
1 vote -
Textnow Using textnow (with subscription) in order to verify your phone number.
1 vote -
Ständig mein Konto bestätigen Wie Kann es sein das ich jeden Tag mein Twitchkonotbestätigen muss um in irgndwelchen chats schreiben zu können!!!! Das ist dochb mobbig !!!
1 vote
- Don't see your idea?