For more high-security
Almost impossible for hackers now if added..


2-step verification:

To enable this:
- User must have their email confirmed
When enabled:
- When user logging in, the user must give a verification code send to their mail.

Account PIN:

To enable this:
- (Optional) When user tries to set an account PIN they must confirm it trough their email. (Verified email needed)
When enabled:
- When user tries to change settings to their account they must give the account PIN.
- (Optional) When user go to their stuff* they need to give the account PIN.

*stuff = “My stuff - manage projects and studios” if you don't understand

I log in and out of accounts way to often for something like the verification to be a thing.
Is hacking this bad of a problem?

No one has ever been hacked on Scratch.

Nero-Guineadoq wrote:

No one has ever been hacked on Scratch.

Source?

—

2-step Verification is nice, I do think it can be a tedious process, especially for kids who have their parents email for verification.

Wahsp wrote:

I log in and out of accounts way to often for something like the verification to be a thing.
Is hacking this bad of a problem?

No support ^^^

Hacking is not a big enough problem on Scratch for this to be a feature. (I have no proof of that, but nor do I have any proof that anyone HAS been hacked on Scratch. I think we would have heard about hacking incidents if it was a big problem).

MathlyCat wrote:

Nero-Guineadoq wrote:

No one has ever been hacked on Scratch.

Source?

—

2-step Verification is nice, I do think it can be a tedious process, especially for kids who have their parents email for verification.

Opt-in only, otherwise I don't think it is beneficial to Scratch

YubNubEwok wrote:

Wahsp wrote:

I log in and out of accounts way to often for something like the verification to be a thing.
Is hacking this bad of a problem?

No support ^^^

Please don't use this “No support” spam.
https://scratch.mit.edu/discuss/topic/215499/
I think that 2-step verification would be a great idea if it was optional, though could be very frustrating otherwise.

I don't think hacking is that bad of a threat. Most hackers do it either for money or for espionage purposes. For them, there's no sizable gain in hacking into a kids' website.

finn55 wrote:

YubNubEwok wrote:

Wahsp wrote:

I log in and out of accounts way to often for something like the verification to be a thing.
Is hacking this bad of a problem?

No support ^^^

Please don't use this “No support” spam.

That's incorrect. I wasn't spamming at all, I was simply saying no support and using the up arrow to show that I don't support for the reasons listed above.

I do not support, it is enough secure.

For everyone above: yes, accounts here have been broken into before and were even deleted, such as swifty2's account.

Semi-support for 2-step verification when logging in. This should only apply to new computers when logging in for the first time.

Full support for the PIN. This is a nice way to keep your stuff safe from people that break into your account.

Zekrom01 wrote:

For everyone above: yes, accounts here have been broken into before and were even deleted, such as swifty2's account.

Semi-support for 2-step verification when logging in. This should only apply to new computers when logging in for the first time.

Full support for the PIN. This is a nice way to keep your stuff safe from people that break into your account.

2-step verification is really quite annoying.
You don't need to worry about any of this if you've actually got a secure password.