So I have the 2fa authentication in my prelogin.

Works great, except that if you just hit enter a bunch of times(aka don't
fill out a proper code)
it then drops out and says something like this didn't work would you like to send a notification to Embalmed. I say no, it says something about trying again, but it just moves on like I successfully authenticated.

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

So I have the 2fa authentication in my prelogin.

Works great, except that if you just hit enter a bunch of times(aka don't fill out a proper code)

Anyone know how to fix this? It says it was unable to authenticate me and to try again, but then it just moves on in the prelogin process. How do I keep the user from continuing until 2fa is completed if it is enabled for their account?

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

Anyone know how to fix this? It says it was unable to authenticate me
and to try again, but then it just moves on in the prelogin process.
How do I keep the user from continuing until 2fa is completed if it is enabled for their account?

Embalmed,

Which mod are you referring to? The dPR 2FA?

|20|15ÚÄ|16|08´ |08De|07ad|15be|07a|08tz b|07b|15s
|08ÀÄÙÃÄ¿ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
|04þ |08À|20|15Ä|16|08Ù |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
|04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
|04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04°±°|08±ÛÛÜÝ|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

--- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
* Origin: deadbeatz.org (21:2/123)

Anyone know how to fix this? It says it was unable to authenticate m and to try again, but then it just moves on in the prelogin process. How do I keep the user from continuing until 2fa is completed if it i enabled for their account?

If it is the dPR mod, you need to change:
hangup = True
in the script

Otherwise, it won't hangup and allow you to continue on. That's mainly there for debugging or testing.

Cheers,

|20|15ÚÄ|16|08´ |08De|07ad|15be|07a|08tz b|07b|15s
|08ÀÄÙÃÄ¿ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
|04þ |08À|20|15Ä|16|08Ù |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
|04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
|04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04°±°|08±ÛÛÜÝ|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

--- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
* Origin: deadbeatz.org (21:2/123)

If it is the dPR mod, you need to change:
hangup = True
in the script

Otherwise, it won't hangup and allow you to continue on. That's mainly there for debugging or testing.

AHHHHH! Thank you Analog, I have been annoyed by that for weeks, not sure
how I missed that setting. It does indeed hangup with hangup = True, that is exactly what I needed.

<3

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

AHHHHH! Thank you Analog, I have been annoyed by that for weeks, not sure how I missed that setting. It does indeed hangup with hangup =
True, that is exactly what I needed.

Greetings sorry to butt in, where can I find this mod? I would like to
install it??

Regards,

Nitro

--- Mystic BBS v1.12 A46 2020/03/18 (Windows/64)
* Origin: Abacus BBS (21:1/190)

Greetings sorry to butt in, where can I find this mod? I would like to install it??

I have it on my BBS in the SciNet: BBS Mods file area. I am sure it's
floating around elsewhere it's dpr_2fa

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

AHHHHH! Thank you Analog, I have been annoyed by that for weeks, not sure how I missed that setting. It does indeed hangup with hangup =
True, that is exactly what I needed.

No problem brother. I wrote that so if you have any issues, check the documentation or email me at dpr@deadbeatz.org (for dPR related stuff).

Cheers,

|20|15ÚÄ|16|08´ |08De|07ad|15be|07a|08tz b|07b|15s
|08ÀÄÙÃÄ¿ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
|04þ |08À|20|15Ä|16|08Ù |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
|04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
|04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04°±°|08±ÛÛÜÝ|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

--- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
* Origin: deadbeatz.org (21:2/123)

Greetings sorry to butt in, where can I find this mod? I would like to install it??

Nitro,

You can find any dPR mods in FSX Mystic Mods file area or on SciNet BBS Mods.
I think it's even on Fidonet somewhere but that place is a mess.

|20|15ÚÄ|16|08´ |08De|07ad|15be|07a|08tz b|07b|15s
|08ÀÄÙÃÄ¿ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
|04þ |08À|20|15Ä|16|08Ù |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
|04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
|04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04°±°|08±ÛÛÜÝ|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

--- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
* Origin: deadbeatz.org (21:2/123)

You can find any dPR mods in FSX Mystic Mods file area or on SciNet BBS Mods. I think it's even on Fidonet somewhere but that place is a mess.

Thank you I will have a look there, I could not connect to blacklodgeresearch.org:4022 for some reason

Regards,

Nitro

--- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
* Origin: Abacus BBS (21:1/190)

You can find any dPR mods in FSX Mystic Mods file area or on SciNet BBS Mods. I think it's even on Fidonet somewhere but that place is a mess.

Thats right I cant login to your bbs as I dont have a code and have not been validated?

Regards,

Nitro

--- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
* Origin: Abacus BBS (21:1/190)

AHHHHH! Thank you Analog, I have been annoyed by that for weeks, not sure how I missed that setting. It does indeed hangup with hangup =
True, that is exactly what I needed.

Question: how does this differ from using mystic's built-in email validator (e.g. for new users)? Does it trigger validation when the user is signing
in from an unrecognized IP address? Thanks in advance for educating me :)

|08.|07..|15.. |05Alpha |07- |13Card & Claw BBS |07- |08Berkeley, CA USA

--- Mystic BBS v1.12 A46 2020/03/16 (Linux/64)
* Origin: Card and Claw BBS | cardandclaw.com:8888 (21:4/158)

Question: how does this differ from using mystic's built-in email validator (e.g. for new users)? Does it trigger validation when the user is signing in from an unrecognized IP address? Thanks in advance for educating me :)

mystic has a built in validator? where might i find that?

Regards,
Nitro

--- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
* Origin: Abacus BBS (21:1/190)

Thank you I will have a look there, I could not connect to blacklodgeresearch.org:4022 for some reason

Odd, it's definitely up, you can use the ftweb client also from https://blacklodgeresearch.org/bbs

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

Question: how does this differ from using mystic's built-in email validator (e.g. for new users)? Does it trigger validation when the user is signing in from an unrecognized IP address? Thanks in advance for educating me :)

this is on top of email validation, there is a different flag for whether a user has enrolled in 2factor. If it's setup on the account it will hangup
(as long as hangup=True as Analog pointed out) and not let a user login. It also gives the option to send a mail to the sysop if for some reason they
can't login and need to send a message (like they lost their phone or
whatever)

So basically it's opt-in second layer of required authentication

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

mystic has a built in validator? where might i find that?

Mystic has the -V function to validate email address. If validated you can have it auto-escalate the user privilege to the level in you put in the data field, so mine I have
Action List Access Data
-Y Ask Yes/No (default Y !s20!OV Validate Email Address?
-V Validate e-mail address OK|OV 20


I have that in my prelogin

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

Mystic has the -V function to validate email address. If validated you can have it auto-escalate the user privilege to the level in you put in the data field, so mine I have
Action List Access Data

So does that mean my system sends them an email? so that is something id configure in servers? apologies i just have dove that deep in mystic yet.

Regards,

Nitro

--- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
* Origin: Abacus BBS (21:1/190)

mystic has a built in validator? where might i find that?

There was actually a thread here quite recently that out lined the steps (I just used it to set it up on my BBS!). I think it was called "email
validation" or something...

A few simple steps:

Setting up SMTP in Servers > General Options (not Configure Servers section). FYI mystic uses "sysop@<your domain>.com" as the SMTP address, make sure that address exists on your SMTP server (e.g. Gmail or whatever).

BTW - I ended up spinning up my own mail server on Hostwinds using this tutorial: https://bit.ly/2WD12XG - works great, but there were some gotchas
in setup. But now I have on-brand email addresses :)

Then you need to add the menu commands to the PRELOGIN menu, I ended up using the way g00r00 and others instructed in the message thread... For example:

Added these actions under default (NS) Action:

Use display my own help screen:
Command: (GD) Display a file
Access: !OV
data: validate

Then as if the user wants to validate for better access:
Command: (-Y) Ask Yes/No
Access: !OV
data: |CR Validate email address now?

If yes, do validation:
(-V) Validate email address
Access: OK!OV
Data: 20

When successful, it bumps the user to level 20.
If not successful, they get reminded every time to login to validate.
You could also add a menu item to check for !OV

I also went in and added a "validated" date to existing users just so they wouldn't get prompted, and possible have their level reduced lol.

Hope that helps!

I am curious if there is a benefit to 2FA mod tho?

|08.|07..|15.. |05Alpha |07- |13Card & Claw BBS |07- |08Berkeley, CA USA

--- Mystic BBS v1.12 A46 2020/03/16 (Linux/64)
* Origin: Card and Claw BBS | cardandclaw.com:8888 (21:4/158)

So does that mean my system sends them an email? so that is something id configure in servers? apologies i just have dove that deep in mystic yet.

That's right. You need to set up SMTP in Servers > General Options as I noted in my previous message, and also have access to SMTP relay server -- you
can do this with a Gmail account (Google SMTP Gmail) or you can setup your own mailserver on a virtual machine, as I decided to do.

One gotcha is that many host providers block the necessary port 25 (thanks, spammers) but I use Hostwinds which does not, and has not limits on the
number of emails you can send. I have a dynamic IP, which is complicated to setup a mailserver locally, so I opted for using a hosting provider. I'm planning on using it for more than just the BBS, so it's worth the $8
USD/month for me.

Cheers,

|08.|07..|15.. |05Alpha |07- |13Card & Claw BBS |07- |08Berkeley, CA USA

--- Mystic BBS v1.12 A46 2020/03/16 (Linux/64)
* Origin: Card and Claw BBS | cardandclaw.com:8888 (21:4/158)

On 23 Mar 2020, Embalmed said the following...

mystic has a built in validator? where might i find that?

Mystic has the -V function to validate email address. If validated you can have it auto-escalate the user privilege to the level in you put in the data field, so mine I have
Action List Access Data
-Y Ask Yes/No (default Y !s20!OV Validate Email Address?
-V Validate e-mail address OK|OV 20

Like this ?

ßßßßßßßßßßßßßßßßßßßß Command Options ßßßßßßßßß

Command ³ (-V) Validate e-mail address
Data ³ 20
Access ³ OK|OV
Grid Event ³ Selected

--- Mystic BBS v1.12 A46 2020/03/18 (Windows/64)
* Origin: SpaceSST BBS (21:1/129)

ßßßßßßßßßßßßßßßßßßßß Command Options ßßßßßßßßß

Command ³ (-V) Validate e-mail address
Data ³ 20
Access ³ OK|OV
Grid Event ³ Selected

--- Mystic BBS v1.12 A46 2020/03/18 (Windows/64)

OK now I will demonstrate my complete ignorance, where is the name and
location of that file? I see the line numbers referenced in a lot of the whatsnew txt but I do not recall the file it references.

Regards,

Nitro

--- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
* Origin: Abacus BBS (21:1/190)

So does that mean my system sends them an email? so that is something id configure in servers? apologies i just have dove that deep in mystic yet.

Yes, and you have to have mystic set up to point SMTP somewhere, I just run sendmail locally on the box and have it deliver that way.

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

OK now I will demonstrate my complete ignorance, where is the name and location of that file? I see the line numbers referenced in a lot of the whatsnew txt but I do not recall the file it references.

I edited the prelogin menu

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

I edited the prelogin menu

Son of a gun I got it working, here is my first validated account!!
Thank you everyone!

Validator (Nitro)<VBG>

--- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
* Origin: Abacus BBS (21:1/190)

I edited the prelogin menu

I may have claimed victory a little soon, I just logged into my board as the sysop and it asked me to validate my email address? The other thing I
noticed was when I highlighted NO to the prompt it still sent me an email. I guess the hard part is working getting it to actually send the email?? Any ideas or suggestions as to not ask users that have an ACS higher than 10?

Regards,

Nitro

--- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
* Origin: Abacus BBS (21:1/190)

Thats right I cant login to your bbs as I dont have a code and have not been validated?

Hey Nitro,

You want in do you?

|20|15ÚÄ|16|08´ |08De|07ad|15be|07a|08tz b|07b|15s
|08ÀÄÙÃÄ¿ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
|04þ |08À|20|15Ä|16|08Ù |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
|04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
|04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04°±°|08±ÛÛÜÝ|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

--- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
* Origin: deadbeatz.org (21:2/123)

Son of a gun I got it working, here is my first validated account!!
Thank you everyone!

Nice work!

|08.|07..|15.. |05Alpha |07- |13Card & Claw BBS |07- |08Berkeley, CA USA

--- Mystic BBS v1.12 A46 2020/03/16 (Linux/64)
* Origin: Card and Claw BBS | cardandclaw.com:8888 (21:4/158)

You want in do you?

oh yes more than anything! <VBG>

Nitro

--- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
* Origin: Abacus BBS (21:1/190)

email?? Any ideas or suggestions as to not ask users that have an ACS higher than 10?

I think you would have to put !'s for every security level you have above 10 !s20!s30!s40 or whatever you are using. I wish there was a way to say if someone is already 20 or higher don't do this, but I do not believe such a thing exists.

|07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
|09Black Lodge Research BBS |11blacklodgeresearch.org:4022
|11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Black Lodge Research BBS (21:4/166)

email?? Any ideas or suggestions as to not ask users that have an AC higher than 10?

I think the correct way to do something like only level 5 but less than 20,
is:
s5!s20
Then anything 20+ is safe.

|20|15ÚÄ|16|08´ |08De|07ad|15be|07a|08tz b|07b|15s
|08ÀÄÙÃÄ¿ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
|04þ |08À|20|15Ä|16|08Ù |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
|04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
|04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04°±°|08±ÛÛÜÝ|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

--- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
* Origin: deadbeatz.org (21:2/123)

On 25 Mar 2020, Embalmed said the following...

I think you would have to put !'s for every security level you have
above 10 !s20!s30!s40 or whatever you are using. I wish there was a
way to say if someone is already 20 or higher don't do this, but I do
not believe such a thing exists.

This is a way, I am not using the program in question here, but I am using
the built in way, I put in my -V line in access S10|S15, I don't have a S15 access level so it only checks users who are set between 10 and 15 anyone
over 15 does not get checked...

--- Mystic BBS v1.12 A45 2020/02/18 (Windows/32)
* Origin: The Wrong Number Family Of BBS' - Wrong Number ][ (21:4/131)