Security option to require a password prompt/2FA code before subscribing

Hi there! Not sure if this was suggested before, but I would like to have an extra security layer when using the platform. Right now, in the event an attacker gains access to a Patreon account, the attacker can not only access all the patron-exclusive posts that the victim has access to, but can also subscribe to as many creators as they want for free, at the victim’s expense.

There are scenarios where the attacker could gain access to the account without knowing the password and without entering any 2FA code. These are just two examples:

  1. Cookie stealing: The web browser stores some small bits of data to keep the user logged in; if this data is retrieved by the attacker, it could be used to access the victim’s account. No login required.
  2. Stolen phone/laptop: If the account is logged in, they can access it without any login prompt.

In order to mitigate the first scenario, Patreon should link every session cookie to a particular IP address, device and web browser. If any of these three changes, the cookie should be rejected and Patreon should require a login. But this won’t help to mitigate scenario 2, which is why I’m suggesting this feature.

The idea is to add an optional security option that, if enabled, would require a password prompt and/or a 2FA code when the user performs any operation on their memberships (subscribing, cancelling, upgrading tier, etc.). With this feature in place, the attacker in scenario 2 would still have access to the patron-exclusive posts, but would not be able to subscribe to hundreds or thousands of creators and potentially ruin the victim’s life financially.

Obviously there’s no salvation for those careless individuals who have their passwords written on a Post-it and don’t even care to enable 2FA. But for the average user (not security savvy, but not that careless either) this feature could save some people out there. I think it would be worth implementing.

1 Like

Hey @Sigma91, good news! Patreon does already provide the ability for users to turn on SMS or TOTP Two Factor Authentication. See how to enable this here:

1 Like

Hi @reyna Sorry for the late reply.

I’m afraid Two Factor Authentication is not enough. In the computing world security is never enough, which is why businesses should always strive to make their operations more secure.

What I’m suggesting here is to require a 2FA or PIN code when the user wants to subscribe to a creator, upgrade tier, or perform any other operation with their active memberships. This should be an optional security feature of course. With this feature enabled, in the event a user account is compromised somehow, the attacker won’t be able to subscribe to hundreds of creators, financially ruining the user in the process.

1 Like

Aaaah, I see what you mean @Sigma91. Sorry for misunderstanding beforehand!

We do have 2FA for patron accounts, but do not have 2FA/PIN codes when making a new pledge. I will bring your feedback to the team and share your comments! Thank you for bringing this to our attention.

1 Like