LGF: New Server Update
Following our move to the new server (seen above, I wish), I’ve been fixing the bugs as quickly as they make themselves known. We upgraded from PHP 5.6 to the latest PHP 8, there were a helluva lot of changes, and some of them were of the crashing variety.
Today I fixed another issue caused by that upgrade: if you were using our two-factor authentication (2FA) feature with a cell phone number, you’ll find when you try to log in that 2FA has been disabled and you can sign in with just your password.
This was necessary because the encryption library I was using to secure cell phone numbers in our database has been rudely eliminated from PHP 8, and I was forced to re-code those functions using the newer openssl libraries. It’s better in the long run, more secure; but the new encryption format is not backward-compatible with the old. Therefore, I’m turning off 2FA for anyone whose number was stored with the old encryption method.
If you wish to re-enable it, just go to your Account Settings and mess around with the Two-Factor Authentication section of that page.
Cell phone auth should actually be more reliable now than it was on the old server, because our new email system supports the DKIM and SPF protocols that help the big email providers know it isn’t spam.
However, also note that I can’t always guarantee things will work smoothly with cell phone 2FA, because the cell companies are always messing with this stuff and changing addresses on us, and I’m too cheap to pay for a service. For those reasons I always recommend that people wishing for the extra security afforded by 2FA use one of the widely available authenticator apps, which we also support. Google Authenticator is a good place to start, but there are many others available for every platform.