Looks to be Wordpress generated.
Might be off-putting for some of us who aren't really all that enamored with or savvy about all the technicalities of computer interface.
I'm particularly wondering if I'm going to have to retrieve an email and click a link every time I want to login to the forum pages.
Thanks
James B
Edit: I'm using a Touch ID and I see that the Wordpress needing verification message can also be activated by that login technique, so it's not all the way to an email verification link... for me,... as long as I keep my fingers dry. but wondering if a specific event precipitated this, need?
sweepbjames said
...wondering if a specific event precipitated this, need?
I noticed it. Somebody must have configured something extra that requires us each to gain full access. So it's not just you.
I think sometimes security measures need to be put in place by those above our administration in defending malicious attackers, and I think that is going on right now, and why we each are being looked at by entering in keys manually.
Think of it as a temporary screen that lasts until either the threat of a hack subsides or a better time saving solution is found by WordPress to screen this threat.
This had nothing to do with the double verification via email (as you mentioned) for me so it was another way of wordpress indicating to you what's real concerning your real email on file.
I get the message saying that additional verification is required, but then it isn't. I just finish my login as normal. It happened just now, and once before. Also recently. I didn't realize it was coming, but also admit that I didn't read this months update from the webmaster.
I now just read it, no specific mention of additional security features, but we did get an updated version of Simplepress.
I see on the verification request screen, access similar to what I've set up for my login... a fingerprint sign in, that does logs me in. ...it also sends me an email request to get a verification code texted to me for login. I am now (for now) ignoring that request in hopes that it won't after a certain amount of times determine me to be foreign particle matter and shut me out until such time as I can work it out with an administrator. Meanwhile that email message looks like this:
|
1:08 PM (3 minutes ago)
|
|||
|
||||
Request Time: July 5, 2023 01:08:48 PM
IP: 97.115.170.177
The request was flagged as suspicious, and we need verification that you attempted to log in to allow it to proceed. This verification link will be valid for 15 minutes from the time it was sent. If you did not attempt this login, please change your password immediately.
**words, linked: login and verify
Hello! Thank you for expressing your concerns and questions. Recently I have been hardening the security on this website because I noticed an uptick in spam registrations. I'll spare you the technical details, but the security of the forums is greatly enhanced now in many regards.
One of the measures is to harden both the login as well as the registrations. I used Google Recaptcha for both the login as well as the registration screen, as one of the many measures that will prevent bots and hackers from taking advantage. I used the recaptcha that works behind the scenes so that you don't have to check checkboxes or answer riddles or puzzles. I'm trying to keep the added security painless as possible!
@sweepbjames and @Rooney thank you for pointing out that noticed a side effect of this with the double login step and the email verification. Thank you for bringing that to my attention. I have now found a way to eliminate that extra step and the login is now working smoothly again. You'll notice the login screen is a bit different than what you're used to in the past. But this allows me to more easily enforce the new security measures.
OK, everything is looking great now from a security standpoint, its a great upgrade. It shouldn't affect anything in your day to day usage of the website but if anyone has any issues accessing the website, please let me know.
Thank you!
Noel
Answers Post
sweepbjames said
I see on the verification request screen, access similar to what I've set up for my login... a fingerprint sign in, that does logs me in. ...it also sends me an email request to get a verification code texted to me for login. I am now (for now) ignoring that request in hopes that it won't after a certain amount of times determine me to be foreign particle matter and shut me out until such time as I can work it out with an administrator. Meanwhile that email message looks like this:
WordPress wordpress@forums.homeorchardsociety.org via aumsville.dreamhost.com
Request Time: July 5, 2023 01:08:48 PMIP: 97.115.170.177
The request was flagged as suspicious, and we need verification that you attempted to log in to allow it to proceed. This verification link will be valid for 15 minutes from the time it was sent. If you did not attempt this login, please change your password immediately.
**words, linked: login and verify
Just checkin'.
sweepbjames said
I see on the verification request screen, access similar to what I've set up for my login... a fingerprint sign in, that does logs me in. ...it also sends me an email request to get a verification code texted to me for login. I am now (for now) ignoring that request in hopes that it won't after a certain amount of times determine me to be foreign particle matter and shut me out until such time as I can work it out with an administrator. Meanwhile that email message looks like this:
WordPress wordpress@forums.homeorchardsociety.org via aumsville.dreamhost.com
Request Time: July 5, 2023 01:08:48 PMIP: 97.115.170.177
The request was flagged as suspicious, and we need verification that you attempted to log in to allow it to proceed. This verification link will be valid for 15 minutes from the time it was sent. If you did not attempt this login, please change your password immediately.
**words, linked: login and verify
Just checkin'.
I see access comparable to what I've set up for my login on the verification request screen, including a fingerprint sign-in that really logs me in<a href="sbylifestyle@gmail.com">.</a> It also sends me an email request to obtain a verification code texted to me for login. I am currently (for the time being) ignoring that request in the hopes that it won't eventually label me as foreign particle matter and ban me from the site until I can resolve the issue with an administrator. This is how that email message currently reads:
Idyllwild
simplepress
jafar
Marsha H
Viron
John S
1 Guest(s)