As part of our infrastructure upgrades to prevent the “bad apples” we discussed with the Email Upgrades blog, we will be adding Simple Multi Factor Authentication to the pages where fraudulent behavior can happen. This initial release will be for sending emails and editing payment account information. These are obviously places where the bad apples can send spam email in bulk, or where funds can be misdirected.
This will be a light weight implementation, where we will send an email to confirm the user. Once confirmed, we will remember the device for 30 days to try to minimize the overhead of this security measure. Here is a screenshot of what the email with verification code looks like:
We want to create and operate a very easy to use platform, however we offer very powerful capabilities and there is a need to ensure security and safety.
We also would suggest that all event directors implement the suggestions we make in this blog.