Jump to content

Soundcloud wants to force me into using a F2A app I dont want just to sign in.

kennywtelejazz

By kennywtelejazz
in The Coffee House

 Share

Recommended Posts

paulo

paulo

Posted
Posted
8 hours ago, Shane_B. said:

Irt my password from here being put out on the net

My password for this site was stolen once....

A few days later they sent it back to me with a note saying that as they had since wasted several hours of their lives sifting through endless amounts of bollocks they were giving it back to me as a punishment.

  • Like 1
  • Great Idea 1
  • Haha 3
Link to comment
Share on other sites
  • Replies 43
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

paulo
paulo

My password for this site was stolen once.... A few days later they sent it back to me with a note saying that as they had since wasted several hours of their lives sifting through endless amount

Byron Dickens
Byron Dickens

Um.... Take a deep breath and relax some. Two Factor Authentication is there to increase security and help protect privacy.

kennywtelejazz
kennywtelejazz

So the consensus here is I'm probably better off if I just stop wrestling  the whole internet and get this thing . Kenny

Posted Images

Rain

Rain

Posted
Posted
23 hours ago, Shane_B. said:

I got a message from Google a few weeks ago the my forum credentials were compromised and I changed my passwords immediately.

The 2 factor and the authorization thing isn't as bad as it seems. There's an official Google Authemticstor app that is used to do the authentication if I remember correctly. I had to use it once or twice. There's the initial setup then I never had to do it again. I can't even remember what I had to use it for to be honest. 

Irt my password from here being put out on the net, if you save your passwords in Chrome they are checked regularly. I think how it works is, if you use the Google Authenticator the password can't be changed unless it's done from the location the Authenticator was installed. It's been a long time since I did it but I think that's how it works.

IMO I think it's a good thing. I always have everything set to send me a code on my cell if there is a login from anything other than my cell or PC. Edit: let me rephrase and say that everything that has the security option to send a code. Not everything does.

Same. I know I do have the Google one because I see it in my apps but I don't think I ever had to use it after the initial setup. That may have been fro my previous job, where they used the Google suite.

I also have the Microsoft one because it's mandatory at work and also because someone managed to steal my hotmail credentials in 2019. I remember the first time I looked at the log of failed login attempts. I was a little shocked, although I really shouldn't have been.

I still see 20-some attempts on any given day. 

ScreenShot2024-02-20at7_28_08PM.thumb.png.0a2ea3ff338236eba40e760fbaf2a42c.png

If tapping on a number to confirm my identity on my cell phone can make things a little safer, I don't mind. 

  • Like 1
  • Sad 1
Link to comment
Share on other sites
  • 11 months later...
Kris Vango

Kris Vango

Posted
Posted (edited)

This is because apps want to ping to your phone and gather data on your location and then sell that data off to make more profit. And why many are demanding this use. Do not be naive. Push back. Also it means that ifg you lose your phone you lose your access to all your banking, soundcloud etc. So it is a terrible idea. We must push back against this. Demand they remove it and that it is a opt in only option. To force this on consumers is absolutely unethical . I travel a lot and 2FA is the bane of my existence and having to install and remove mutliple sim cards to get into accounts and pay bills. It is a *****ing mess. I have never had any cyber threat and until i do, i do not require any further applications forced onto me under the guise of "safety and security" as soon as i hear those terms, i know something dark is going on. 

Edited by Kris Vango
  • Like 1
Link to comment
Share on other sites
craigb

craigb

Posted
Posted
On 2/20/2024 at 7:40 PM, Rain said:

Same. I know I do have the Google one because I see it in my apps but I don't think I ever had to use it after the initial setup. That may have been fro my previous job, where they used the Google suite.

I also have the Microsoft one because it's mandatory at work and also because someone managed to steal my hotmail credentials in 2019. I remember the first time I looked at the log of failed login attempts. I was a little shocked, although I really shouldn't have been.

I still see 20-some attempts on any given day. 

ScreenShot2024-02-20at7_28_08PM.thumb.png.0a2ea3ff338236eba40e760fbaf2a42c.png

If tapping on a number to confirm my identity on my cell phone can make things a little safer, I don't mind. 

Hey Rain, when they say someone is "known Worldwide!" this isn't what they mean!  Just sayin'. 😉

  • Like 1
  • Haha 1
Link to comment
Share on other sites
sjoens

sjoens

Posted
Posted (edited)

Things like this mostly protect/control/hinder your access to stuff... not the stuff itself or professional hackers who want it.

My phone has finger print access but too often tells me I've exceeded the allowed number of attempts when I never even touched it.

Edited by sjoens
  • Like 1
Link to comment
Share on other sites
PhonoBrainer

PhonoBrainer

Posted
Posted

<spoiler alert: I was a decades-deep SC user, and I dropped them two years ago>

Regardless of any comfort issues you may have with login/authentication things, you should consider dropping them anyway.

1) filled with fake bots that "love" your tunes. Immediately after you post them.

 

2) The cases where bad actors downloaded a indie group's tunes, and re-uploaded them under the BA's own name, got some streaming royalties? and established copywrite on them. That's fraud and theft.

 

3) last I heard, the only reason SC is still solvent is they rely on venture capital loans. So it's not "by musicians, for musicians" at all.  Expect to be preyed upon and treated like sheep.

 

4) if you are using it as an upload site for demos or sharing, it's better and cheaper to roll your own website. Bandzoogle or equivalent, and share your links to your tunes here or on social media as much as you want.

 

5) SC "pro" is like $160 a year. Fun fact: when I finally did not renew, they kept "autorenew" charging my credit card. So I emailed their billing tech support, several times, initially no response. Finally a bot email: "thank you for your concern, we'll examine the billing and get back to you" . . 

 Months go by, no follow up from SC. I finally turned the matter over to my CC company, who eventually reversed the charge. Took me a year to get my $160 back

 

6) if your primary utility for it is an audio storage system, better to create a YouTube account. . . SC could die tomorrow, but YouTube seems to be as futureproof as

download(3).jpeg.1a4099062618bb66d8abadfafea1e30c.jpeg

  • Like 2
Link to comment
Share on other sites
Amberwolf

Amberwolf

Posted
Posted (edited)
1 hour ago, PhonoBrainer said:

6) if your primary utility for it is an audio storage system, better to create a YouTube account. . . SC could die tomorrow, but YouTube seems to be as futureproof as

download(3).jpeg.1a4099062618bb66d8abadfafea1e30c.jpeg

It's also a little closer and easier to play, with slightly higher bandwidth. ;)

 

FWIW, I used to have a SC page https://soundcloud.com/user-792388526 , but after so many spam-likes I removed all the tracks and just use it as a link-page to my Bandcamp https://amberwolf.bandcamp.com/ .

 

(and soundclick https://www.soundclick.com/amberwolf , but that's a virtually dead site; anything I post there can get like 1 listen and suddenly be in the top 1000 of the entire site's charts :lol: .   I still use it to host experimental stuff that isn't ready to go on the bandcamp page or alternate / older versions of BC "final" songs). 

Edited by Amberwolf
  • Like 1
Link to comment
Share on other sites
kennywtelejazz

kennywtelejazz

Posted
  • Author
Posted (edited)

It has been a year since I put this thread out there . I am shocked at how much worse things have become for me as far as online sites have become as far as  ignoring  my privacy while trampling on my  right to exercise my autonomy ...

Now to sign into every e mail acct I have ( all of which I have had for 20 + years w no problems )

They now think I have to receive a text with a code to log in after to my e mail once I have proven I am not a Robot ...This happens multiple times and they don't even give me the whole day ....If I log out I have to go through this BS every time all over and over again 🤬

So I call them up and spend an hour and 15 mins on the phone on a tech call and they ask me if I'm using multiple devices to access my e mail. I tell them what difference should that make I own my devices for years , I have used them all with no problems what so ever and I have a right to use what I have when I choose to ...

Incredibly the tech woman was shocked that I had the audacity  to mention this fact and she tried to tell me I should stick to using only one device ..

WTF ? So I told her I hope you are recording this conversation ....I knew they were but I mentioned that fact anyway ...

Next I  say to her let me ask you a question ...Do you own more than one pair of shoes ? silence .....

I say OK how would you feel if every time you wanted to wear a different pair of shoes from your shoe collection a policeman pulled you over and gave you the third degree ??  silence ....

Any way I'm not happy about the way any of this whole assault on my personal privacy is playing out and I stick to what I have said here previously

I'm glad you guys chimed in . I hope to respond proper later on in the day .

all the best ,

Kenny

 

 

Edited by kennywtelejazz
  • Like 1
Link to comment
Share on other sites
Jeremy Oakes

Jeremy Oakes

Posted
Posted
3 hours ago, kennywtelejazz said:

It has been a year since I put this thread out there . I am shocked at how much worse things have become for me as far as online sites have become as far as  ignoring  my privacy while trampling on my  right to exercise my autonomy ...

Now to sign into every e mail acct I have ( all of which I have had for 20 + years w no problems )

They now think I have to receive a text with a code to log in after to my e mail once I have proven I am not a Robot ...This happens multiple times and they don't even give me the whole day ....If I log out I have to go through this BS every time all over and over again 🤬

So I call them up and spend an hour and 15 mins on the phone on a tech call and they ask me if I'm using multiple devices to access my e mail. I tell them what difference should that make I own my devices for years , I have used them all with no problems what so ever and I have a right to use what I have when I choose to ...

Incredibly the tech woman was shocked that I had the audacity  to mention this fact and she tried to tell me I should stick to using only one device ..

WTF ? So I told her I hope you are recording this conversation ....I knew they were but I mentioned that fact anyway ...

Next I  say to her let me ask you a question ...Do you own more than one pair of shoes ? silence .....

I say OK how would you feel if every time you wanted to wear a different pair of shoes from your shoe collection a policeman pulled you over and gave you the third degree ??  silence ....

Any way I'm not happy about the way any of this whole assault on my personal privacy is playing out and I stick to what I have said here previously

I'm glad you guys chimed in . I hope to respond proper later on in the day .

all the best ,

Kenny

 

 

Its just the way it is today, unfortunately. I’ve had my Disney, EA and other accounts hacked, and it was no fun getting them back. So now i embrace the F2A checks. If it stops crooks using my accounts then i’m all for it. I use the MS system like @Rain and after a year of changing / securing passwords etc i’m glad i have it and yet i still see 16 year old morons trying their best to get into certain accounts of mine and from all over the world. 

Kenny, YMMV, but i’m happy having it.

  • Like 1
Link to comment
Share on other sites
kennywtelejazz

kennywtelejazz

Posted
  • Author
Posted (edited)

From what I have read here so far  , I guess I'm gonna have to just bite the bullet and get used to the Idea that when it comes to the internet and social media I am no longer a free range human being anymore .

" Once a Pickle never a Cucumber again " 

Thank you everyone for your feedback and comments .

Kenny

 

Edited by kennywtelejazz
  • Like 1
Link to comment
Share on other sites
Rain

Rain

Posted
Posted (edited)
On 1/25/2025 at 9:25 AM, craigb said:

Hey Rain, when they say someone is "known Worldwide!" this isn't what they mean!  Just sayin'. 😉

🤣

An extra 2 cents...

Last September when my old iPhone started exhibiting signs that I needed to look for a replacement, I decided to save money and get a Samsung instead. I lasted a month and then switched back to Apple. But the whole time, I did not have Authenticator installed on any of these until a few weeks ago when I was prompted to use it when I logged into my corporate Outlook account at work. 

On my end, Microsoft is pretty much the only company I deal with that constantly wants to verify my identity by means of texts or calls. And on these rare occasions, Authenticator. As for the rest, my iPhone is set to prompt me anytime an app or a site is requesting my location - most of the time, it's Google. I hate Google with a passion but I have yet to be able to get used to something else, and for type of trivialities that I look up online, its awful bias isn't much of a concern.

The day it turns up a picture of Greta when I am looking for an image of a raccoon eating sushi, I'll reconsider. 

 As for MS, I've had the old Hotmail account for almost 25 years but I've recently started to migrate to iCloud for my personal stuff. 

On a related note - the company I work for recently implemented one of those "security" feature, by issuing a code sent by email when people use the app - even when they are already logged into said app. So I guess it really is everywhere now. Not a fan, I must say.

Edited by Rain
Link to comment
Share on other sites
Shane_B.

Shane_B.

Posted
Posted

I don't know of it's due to everything being set to private and I have almost no views or something I've been screwing up, but everything I upload to youtube is converted from the original uncompressed 1080p to compressed 720p and saved that way in my account. When I download my "original" video from my account, it's the 720p file.

That said, if you have a YouTube Premium account, you can upload all of your music to YouTube Music using FLAC or MP3 and a few other types, but only you can see it and listen to it. You can't share it.

I never got into FLAC so I have no idea how it compares to a 44.1/24bit or 16bit wav, but I seem to remeber reading that its lossless as if listening to the original wav master.

  • Like 1
Link to comment
Share on other sites
Byron Dickens

Byron Dickens

Posted
Posted
On 1/25/2025 at 4:40 AM, Kris Vango said:

This is because apps want to ping to your phone and gather data on your location and then sell that data off to make more profit. And why many are demanding this use. Do not be naive. Push back. Also it means that ifg you lose your phone you lose your access to all your banking, soundcloud etc. So it is a terrible idea. We must push back against this. Demand they remove it and that it is a opt in only option. To force this on consumers is absolutely unethical . I travel a lot and 2FA is the bane of my existence and having to install and remove mutliple sim cards to get into accounts and pay bills. It is a *****ing mess. I have never had any cyber threat and until i do, i do not require any further applications forced onto me under the guise of "safety and security" as soon as i hear those terms, i know something dark is going on. 

It didn't used to be like that. I have seen many times the suggestion of getting a cheap prepaid and using it for 2fa and nothing else.

  • Great Idea 1
Link to comment
Share on other sites
Shane_B.

Shane_B.

Posted
Posted
14 hours ago, Mr No Name said:

tell them to eff off. what does a music website need 2 factor authenification for?

2fa is used so if your password is stolen your account can't be accessed by the person who stole it. It's not used for data mining. You can have the 2fa code sent to your email account or texted to you. A few places also use an authenticator app/program. 2fa isn't a bad thing, it's a good thing.

  • Like 3
Link to comment
Share on other sites
Mr No Name

Mr No Name

Posted
Posted
7 hours ago, Shane_B. said:

2fa is used so if your password is stolen your account can't be accessed by the person who stole it. It's not used for data mining. You can have the 2fa code sent to your email account or texted to you. A few places also use an authenticator app/program. 2fa isn't a bad thing, it's a good thing.

We could get into a long and drawn out debate about this subject, but the fact is that 2fa is a form of ID check. I would suggest that soundcloud (or anyone else) should give their subscribers a choice of whether they want to use the 2fa system or not, they should have a choice to opt out imo, much like the poster Kenny said, It is also obvious as he said that people will in many cases have more than one device, if you decide to log on on another one you should not be OBLIGED to use 2fa to log in.  On a slight side note you will usually see an option to use google of facebook to use as a verification.

2fa for banking purposes is a different story and a necessary security protocol when using a mobile phone.

  • Like 1
Link to comment
Share on other sites
AndyB01

AndyB01

Posted
Posted (edited)

MFA, pass keys, biometrics and tokenless authentication are becoming mainstream across online services, regardless of the perceived or actual risk associated with the platform content.

Most users will accept this for banking and financial services but balk at its use for the likes of Facebook, X, chat forums and other non-critical services (such as music hosting).

I can understand why: extra steps, tied to specific devices, privacy concerns... the list goes on. However the reality is that passwords have had their day. As authentication goes, a simple username and password is a piss-poor security control - unless a really strong and unique password is used; even then you are still relying on a single authentication factor with no defence-in-depth.

Password Manager apps make the set up and routine use of strong, unique passwords a breeze - and yet - research shows that only 34% of people going online routinely use a password manager (2024).

As ever, in the IT and cyber world, a lack of standardisation creates a complex array of options that are neither well-integrated across platforms nor are they endearing to users, who often work across multiple devices, platforms, browsers and operating systems - so you end up having multiple solutions for what should only be one job.

I don't see this situation improving in the short-term, but IT providers need to be turning users on to better cyber security rather than off it; through simplified delivery pathways, improved consistency and wider cross-device, cross-app and cross-platform integration.

There's an old saying that adding technology to poorly designed systems and business processes simply speeds up the mess. Maybe a focus on systems and process needs to come before more technical innovation.

We can but live in hope...

Andy

Edited by AndyB01
Typo
  • Like 2
  • Great Idea 1
Link to comment
Share on other sites
Shane_B.

Shane_B.

Posted
Posted
2 hours ago, Mr No Name said:

We could get into a long and drawn out debate about this subject, but the fact is that 2fa is a form of ID check.

Partially correct. It is not an ID check as in they want your name and address. It is a verification check that the person who created an account is the one trying to sign in from a different device, or change the password, etc. etc..

You have the option to send a verification code to any email account you choose, say for example the one you used to sign up with initially, or a different one, or have it texted to your cell. My bank has a 3rd option to call your cell using an automated system.

I can see people not wanting it texted. I can understand people not wanting to be forced to use 2fa. But it's not putting your privacy at risk at all. Make a specific email account for 2fa and use that. I did. Been using 3 accounts for years solely for verification and software registration.

That said, I've never been forced to verify an account except for Google and Facebook. I'm surprised Soundcloud does, but it doesn't bother me in the least. Personally I think it's a great idea, but to each his own.

  • Like 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...