- Blind mode tutorial
lichess.org
Donate

Is there a way to enable two-factor authentication using the PC app?

#1

It doesn't seem like the PC app generates an authentication code that can be used to enable two-factor authentication. Am I missing something?

P.S. My eyesight is not good enough to use the phone app.

It doesn't seem like the PC app generates an authentication code that can be used to enable two-factor authentication. Am I missing something? P.S. My eyesight is not good enough to use the phone app.
#2

Hi!

Two-factor authentication means that you will use a combination of two methods to authenticate.
The two methods to combine are:

  1. Password for your Lichess account
  2. Generated code from an app on a mobile device (Android or iOS/iPhone)

(There exists methods where one does not need a mobile device, but some other type of software/hardware - but I don't know if such a method is possible with Lichess - I don't see it mentioned in https://lichess.org/account/twofactor )

So to enable two-factor authentication, I think you will need to install a code generating app on a mobile device.
That is, you can not generate the code without the app on the mobile device.

The account preferences page for two-factor authentication has links to recommended mobile device apps which can be used to generate the code.

So if by "PC app" you mean a Web Browser on a computer, you can only do the first method (Password for Lichess account),
but in order to use the second method (generated code) you would need a "Mobile app".

Hi! Two-factor authentication means that you will use a combination of two methods to authenticate. The two methods to combine are: 1. Password for your Lichess account 2. Generated code from an app on a mobile device (Android or iOS/iPhone) (There exists methods where one does not need a mobile device, but some other type of software/hardware - but I don't know if such a method is possible with Lichess - I don't see it mentioned in https://lichess.org/account/twofactor ) So to enable two-factor authentication, I think you will need to install a code generating app on a mobile device. That is, you can not generate the code without the app on the mobile device. The account preferences page for two-factor authentication has links to recommended mobile device apps which can be used to generate the code. So if by "PC app" you mean a Web Browser on a computer, you can only do the first method (Password for Lichess account), but in order to use the second method (generated code) you would need a "Mobile app".
#3

@tors42 said in #2:

There exists methods where one does not need a mobile device, but some other type of software/hardware - but I don't know if such a method is possible with Lichess - I don't see it mentioned in lichess.org/account/twofactor
Lichess uses standard TOTP so any software that supports calculating TOTP codes will be fine. I'm using KeePassXC but I'm not sure if it's available for Windows. But I'm pretty sure there are many windows applications that can do it.

It would be nice if e.g. a FIDO2 token could be used as an alternative but lichess does not support that, unfortunately.

@tors42 said in #2: > There exists methods where one does not need a mobile device, but some other type of software/hardware - but I don't know if such a method is possible with Lichess - I don't see it mentioned in lichess.org/account/twofactor Lichess uses standard TOTP so any software that supports calculating TOTP codes will be fine. I'm using KeePassXC but I'm not sure if it's available for Windows. But I'm pretty sure there are many windows applications that can do it. It would be nice if e.g. a FIDO2 token could be used as an alternative but lichess does not support that, unfortunately.
#4

I use a PC and two-factor authentication is an unwelcome imposition.
The only way I've found to logon is to request an email link. I really hope better methods become available without imposing too much hassle on the user.

I use a PC and two-factor authentication is an unwelcome imposition. The only way I've found to logon is to request an email link. I really hope better methods become available without imposing too much hassle on the user.
#5

I think it's only a requirement if one uses a public proxy or a shady VPN, basically where your credentials can potentially be stolen. Everyone else is just advised to use it and titled players and team owners nagged about it, because if something happens to their account or their team, it will the their responsibility.

I think it's only a requirement if one uses a public proxy or a shady VPN, basically where your credentials can potentially be stolen. Everyone else is just advised to use it and titled players and team owners nagged about it, because if something happens to their account or their team, it will the their responsibility.

This topic has been archived and can no longer be replied to.