Two-Step Verification and Security Improvements Two-step verification, also known as two-factor authentication, requires you to provide two pieces of information to login. The general form is expressed as "something you know and something you have". "Something you know" is your password. "Something you have" is the new part. You may have seen this with other services, such as Google accounts. If you're familiar with that, you'll understand how it works on Netrider. Two-step verification is something a user has to opt into sometime after they have registered. Enabling it increases security at the expense of a slightly more complex login procedure. For many users - particularly ones that just lurk or only have a few posts - the "value" of their account is low so the cost may outweigh the benefit. However, for privileged users, the extra security should be worthwhile. When you've enabled two-step verification, you will login with your username (or email) and password as normal. Once those are verified, we will determine if two step verification is needed. If so, you'll need to take the appropriate steps to complete that. Upon receiving that verification, you'll be logged in as normal. If selecting the option, you can remain logged-in on a device for up to 30 days before two-step verification is required again. Activate two-step verification Two-Step Verification: Losing Access A common concern with two-step verification is what happens if you lose access to all of your two-step verification methods. We have attempted to mitigate that as much as possible. Backup codes are really generated for this exact situation. If you lose your phone or your email is no longer valid, the backup codes will still work. However, this does require saving them once they're generated. This is something that not all users will do. Disabling two-step verification only requires access to the password when you're already logged in. If users choose to trust a device, this very likely means that they will still have access to their account. Once they verify their password, they'll be able to change their two-step verification settings as necessary. Profile post comment improvements Ability to like profile post comments Profile post comments now support the like system. Soft deleting profile post comments Comments can now be reported They can be undeleted (if soft deleted) Ability to soft delete comments in the same way you can soft delete profile posts. Ability to search profile post comments Profile post comments are now indexed and are searchable from the global search or from the search page They can be approved/unapproved Warnings can be issued on comments Improvements to notices Displaying an image (visitor's avatar or custom image) New! Floating notices Link title conversion When a post is made, links can automatically be converted to show the title of the page they link to.