Compare commits
1 commit
Author | SHA1 | Date | |
---|---|---|---|
109080cd26 |
2 changed files with 2 additions and 2 deletions
|
@ -77,5 +77,5 @@ TL;DR 非正式版本:據我們所知,我們是聯邦宇宙中最透明、
|
|||
### 帳戶安全
|
||||
|
||||
- **使用強密碼**:為了確保我們的網站不依賴第三方服務,我們僅對失敗的登入嘗試使用冷卻期。請使用不易被猜到的強密碼。
|
||||
- **啟用雙重認證**:我們支援使用 TOTP 或 WebAuthn 的雙重認證。您可以在「安全性」標籤的帳戶設定中啟用它。我們已經更改了上游的行為,這樣,如果您僅將硬體金鑰用於2FA,我們將不喜歡但不要求您使用密碼保護您的硬體金鑰,因為硬體金鑰的系統使用者通常會保留物理密鑰。
|
||||
- **啟用雙重認證**:我們支援使用 TOTP 或 WebAuthn 的雙重認證。您可以在「安全性」標籤的帳戶設定中啟用它。我們已經更改了上游的行為,這樣,如果您僅將硬體金鑰用於2FA,我們將不要求您使用密碼保護您的硬體金鑰,因為硬體金鑰的系統使用者通常會保留物理密鑰。
|
||||
- **重置您的登入權杖**:這是目前從上游繼承的限制,我們正在研究解決方案,但與此同時,請不要依賴註銷功能、請轉到“設定”->“安全性”->“重新產生登入權杖”」以重置您的令牌、如果您懷疑您的登入會話不再安全。
|
||||
|
|
|
@ -79,5 +79,5 @@ This information is sent to a third-party service [Grafana Cloud](https://grafan
|
|||
### Account Security
|
||||
|
||||
- **Use a Strong Password**: In order to guarantee our website does not depend on a third-party service, we only use a cool-down period for failed login attempts. Please use a strong password that is not easily guessable.
|
||||
- **Enable Two-Factor Authentication**: We support two-factor authentication using TOTP or WebAuthn. You can enable it in your account settings in the "Security" tab. We have changed the behavior from upstream such that if you only use your hardware key for 2FA, we will not prefer but not require you to password-protect your hardware key as it is a common practice for systematic users of hardware keys to keep a physically secure backup key.
|
||||
- **Enable Two-Factor Authentication**: We support two-factor authentication using TOTP or WebAuthn. You can enable it in your account settings in the "Security" tab. We have changed the behavior from upstream such that if you only use your hardware key for 2FA, we will prefer but not require you to password-protect your hardware key as it is a common practice for systematic users of hardware keys to keep a physically secure backup key.
|
||||
- **Reset your Token**: This is currently a limitation inherited from upstream and we are working on a solution, but in the meantime, please go to Settings -> Security -> Regenerate Login Token from a secure device to invalidate all your sessions whenever you logged in from a public computer or suspect one of your sessions has been compromised.
|
Loading…
Reference in a new issue