New support for two-factor authentication. Use an app like andOTP or Authenticator Pro to store a secret for your account. This secret needs to be entered every time you login. It ensures that an attacker can’t access your account with the password alone.
Some server operators may defer the upgrade until 0.18.1 when captchas are back in place, as they were the only line of defense against bot signups on open (non application-based) instances that don’t require an email address/validation.
Captchas are not available in this version, as they need to be reimplemented in a different way. They will be back in 0.18.1, so wait with upgrading if you rely on them.
As someone who deleted an account on one server to create an account on another, I can say that my comment remained but my username did NOT.
Personally, I’d like a 2FA option, but the post on Raddle about privacy does not ring true to me. I can’t speak to the admin side of things, however.
0.18.0 that released today introduces TOTP-based 2fa.
Some server operators may defer the upgrade until 0.18.1 when captchas are back in place, as they were the only line of defense against bot signups on open (non application-based) instances that don’t require an email address/validation.
Thank you for this information.