Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Matthias42
Contributor

How can i get an actually usable login process for checkpoint websites?

Hi,

i just spend >30min of my life because 

1. CP forced me to reset my password

2. that would require solving a google capcha, that never ended. Had to start the whole password reset procedure 3 times, At the third attempt the captcha ended after 6 pages.

3. Every login now requires an SMS!  Including all subsites under checkpoint.com. Including this forum!

 

How can i get rid of all this nonsense? 

 

How many more barriers do you want to put up, to get rid of your customers?

12 Replies
PhoneBoy
Admin
Admin

I've passed your feedback along to the relevant team internally.

0 Kudos
Matthias42
Contributor

Thanks.

0 Kudos
_Val_
Admin
Admin

@Matthias42 Thanks for your feedback.

We took a look into the issue you reported and saw that you did not log with your UserCenter for the last 9 months, till today. Your password expired at that time, and you had to renew it.

As a security company, we take the security of our customer and partner accounts very seriously. We now require MFA on all UserCenter requirements to make sure user data is protected.

You can set one-time password to be sent via an SMS, or you can enroll in one of the popular authentication apps, such as Google Authenticator or others. 

Most importantly, you can also choose the "remember me" option to avoid typing in your 1TP for every login.

I hope this addresses your concerns.


(1)
Matthias42
Contributor

my main problem is the google captcha. It often never finishes.

2FA as a requirement for a forum seems a bit excessive?

Also 2FA with SMS is an annoyance, but not really secure. Look up SS7 roaming. It has no authentication. Everybody can collect your SMS, if he knows how. The interface is exposed to everyone via many web voip providers.

 

(1)
_Val_
Admin
Admin

@Matthias42 I sure understand. As already said, you can use a 1TP app of your choice instead of SMS. I do just that myself. Captcha only appears if you are running your session from an anonymous window, or after clearing your web cache. Also, we are using the same Identity Provider SAML for the UserCenter, Partner Map, CheckMates, and other tools requiring authentication, so there is no way to remove MFA just for the community, even if we wanted.

You can suppress MFA for 30 days by choosing "Remember" option. 

Screenshot 2024-09-17 at 12.01.37.png

This setting is global, and it will affect all websites that use UC login. I hope this helps.

0 Kudos
Nik_Bloemers
Advisor
Advisor

I have to agree with the CATPCHA problem, the amount is sometimes ridiculous. Every time I have to solve one, sometimes like 4 or 5. Multiple times a day too, since you get logged out pretty quickly. I've clicked more motorcycles and crosswalks on checkpoint.com in a week than on the rest of the entire internet in like 3 months.

(1)
G_W_Albrecht
Legend Legend
Legend

The forum and the user center account have the same log in, so 2FA is an important security measure. I use MS Authenticator (as i also have to use it for my work) for 2FA...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
the_rock
Legend
Legend

I believe @PhoneBoy mentioned before it forces you every 6 months now to reset the password. As far as CAPTCHA, I find it bit silly, but that appears to be on so many sites now : - )

Andy

0 Kudos
Nik_Bloemers
Advisor
Advisor

I actually just had to finish 11 (!!!!) CAPTCHA's before being allowed through. This is absolutely ridiculous, please fix this. It makes the website unusable.

PhoneBoy
Admin
Admin

The team responsible for our IdP is looking into this.

0 Kudos
Christian_Opitz
Contributor
Contributor

The Captchas are more and more frustracting. Over 20 Captchas in 3 Browsers and no success today :(. And this with MFA! Collegues complain about simular problems. I was only successful on another PC where I only need my MFA without Captchas today.

0 Kudos
_Val_
Admin
Admin

Christian, please make sure you allow cookies from Check Point sites. Also, escalated internally.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events