I have seen time and time again on various websites that users have their account passwords "cracked" (Someone was able to use software to figure out a user's password). In today's developer blog, I would like to discuss some ways in which AD makes your account secure (with your help, of course). Let's discuss:
AD has many ways to help secure your account. Our entire back-end is protected by 2-Factor Authentication. The same can be said about our database credentials. However, there's a few things that some users may not know about the actual website that I'd like to cover here.
1. If a user fails a login more than 3 times, their account enters a special "Locked" status, which disables logins for that account for 15 minutes. Repeated attempts and failures will be logged into our administrator control panel. The only way to unlock an account is to wait. If a user cannot remember their password, there is a Password Reset feature on the login page.
2. Users can optionally add 2 Factor Authentication to their account by visiting their Account Security page. Here you can add either question and answers, or an actual app such as Google Authenticator. We have also added support for Duo Mobile now as well.
Using these tools is the first step in keeping your account secure. We highly recommend adding at least the Question and Answer security method to help us keep your account secure.
Edited by Alex Wright