Monday, May 8, 2023

New feature: Two-Factor Authentication

What is Two-Factor Authentication and how does it work?

Two-factor authentication (2FA), also known as multi-factor authentication (MFA) is a security process that requires a user to provide two different forms of identification before being granted access to a system, account, or device.

The first factor is typically a username and password, the second factor is something the user has, such as an email, mobile device or hardware token.

Bookmark Ninja uses an email-based two-factor authentication. Email-based two-factor authentication is a security process that uses email as the second factor of authentication.

When the user enters their username and password to log in to their Bookmark Ninja account, an email containing a unique one-time security code is sent to the email address associated with the account. The user must then enter this code on the login screen in addition to their password to complete the login process.

By requiring two different factors, 2FA provides an additional layer of security and makes it much more difficult for unauthorized users to gain access to a system or account. Even if a password is compromised or stolen, the second factor acts as a barrier that makes it difficult for attackers to gain access.

How to turn on Two-Factor Authentication?

(1) Select "User/Account" in the main menu of Bookmark Ninja.

(2) On the "Account" page click on "Turn on" next to "Two-Factor Authentication: OFF". A security code will be sent to your email address and the "Turn on Two-Factor Authentication" dialog box will show up.

(3) Enter the code on the "Turn on Two-Factor Authentication" dialog box then click on "Turn ON".


How to login when Two-Factor Authentication is turned on?

(1) Click on "Login" in the main menu of Bookmark Ninja.

(2) Enter your username and password then click on the "Login" button or press enter. If it's not your computer then make sure to uncheck "Keep me logged in".

(3) If Two-Factor Authentication is turned on, a security code will be sent to your email address associated with your account.

(4) On the Two-Factor Authentication screen enter the code and click on the "Submit" button or press enter.

The security code that is sent to your email address is valid for 5 minutes.

If invalid codes are entered 5 times in a row you will need to re-enter your password and username.

How to turn off Two-Factor Authentication?

(1) Select "User/Account" in the main menu of Bookmark Ninja.

(2) On the "Account" page click on "Turn off" next to "Two-Factor Authentication: ON". A security code will be sent to your email address and the "Turn off Two-Factor Authentication" dialog box will show up.

(3) Enter the code on the "Turn off Two-Factor Authentication" dialog box then click on "Turn OFF".


How to change your email address when Two-Factor Authentication is turned on?

Since Bookmark Ninja is using an email-based Two-Factor Authentication, if you want to change your email address then the new email address has to be verified.

(1) Select "User/Account" in the main menu of Bookmark Ninja.

(2) Click on "Change" next to your email address.

(3) Enter your password and your new email address then click on "Save". A security code will be sent to your new email address and the "Verifying Email Address" dialog box will show up.

(4) Enter the code on the "Verifying Email Address" dialog box then click on "Submit".


Two-Factor Authentication on mobile devices

Two-Factor Authentication works the same way in mobile browsers as in desktop browsers. You can setup 2FA on the Account page and all the 2FA related pages have their mobile optimized versions.



Tuesday, March 28, 2023

Fixing the "error when user right mouse clicks on a bookmark" issue

Users might get the "Oops, something went wrong..." error message when they right mouse click on a bookmark on the Dashboard to invoke the bookmark context menu.

It happens when a browser extension is running in the browser that changes the content of the Bookmark Ninja Dashboard. It changes the IDs of the components of the web page (the Dashboard) which causes the error. This is a very bad behaviour of a browser extension, the browser web stores should refuse the submission of such extensions. These extensions can harm the functionalities of the web applications.

Typically browser extensions that translate the content of the web pages can cause such issues.

Please follow the steps below to fix the issue:

(1) Disable all the browser extensions in your browser.

(2) Enable the browser extensions one by one to find out which one causes the issue.

(3) If you find the browser extension that causes the issue add Bookmark Ninja to its exception list/white list (if there is any). Make sure you are using the full URL "https://www.bookmarkninja.com". If the browser extension doesn't support an exception list/white list then leave the extension disabled.

Thursday, February 16, 2023

Bug fix in today's update

Today's update includes a bug fix for the following issue:

When you entered tags during adding or editing a bookmark, the position of the tag autocomplete popped up panel was sometimes incorrect. It happened only in desktop browsers, in mobile browsers it worked fine.

The correct position of the tag autocomplete panel

Monday, February 6, 2023

Payment module updated

The payment module on the Account page has been replaced with the latest checkout payment module from PayPal. Now there is a dedicated button for the credit/debit card payment, so it's easier to make the payment with a credit/debit card without having a PayPal account.

Card payment was available in the past, too, but users first had to click on the PayPal button then select the credit/debit card option which was somehow confusing.

Other than the dedicated card payment button the new payment module includes the latest developments, fixes and updates from PayPal.

Wednesday, January 11, 2023

Improvements in today's update

Today's update contains performance improvements (some code has been optimized), security improvements and an advanced bot detection mechanism that prevents bots from creating fake accounts.