JavaScript is disabled
Our website requires JavaScript to function properly. For a better experience, please enable JavaScript in your browser settings before proceeding.
Our login integration with Facebook is currently disabled pending their review of our integration.

I know a lot of you use it, and I apologize for the inconvenience. I'm waiting to hear back from them for clarification on exactly what they're asking for.

As part of their integration requirements they periodically review each integration. From their email:

Your app Northwest Firearms doesn't fully comply with our Platform Policies. Since we're striving to improve the Platform experience, your app has been deactivated.

Your app is violating Platform Terms 7.a-d: To view this policy in entirety, visit the "Compliance Review Rights and Suspension and Termination of these Terms" section of our Platform Policies at https://developers.facebook.com/terms. This policy includes information on app review, regular monitoring, auditing rights, and certifications.

To bring your app into compliance, provide the following in your appeal:

1. Detailed instructions describing how we can access your platform to test and review. Once we are able to access your platform, the experience we test in your app should accurately reflect the experience a user has in your app.
2. Valid credentials for us to login to your app and test/review its functionality and its use of any Facebook API integration. These credentials should be valid indefinitely to allow for future review of your app.
If this means us allowing them to create a normal user account here to see how the integration works, I'm OK with that.

If, as suggested in section 7.C of their terms linked in the quote above, they are asking for any additional access (servers, backend, email, etc.) we will be disabling the integration completely.

We've kept it enabled because a lot of people use it, but there is no way they're getting access to your user data.

We don't give or sell your data to anyone, period.
 
I'd be willing to bet that Zucker sucker doesn't want any PRO FIREARMS forums to be associated with Facebook.

And I don't think using Fakebook to log into NWFA is safe due to the high prevalence of FB hackers. I've been hacked repeatedly there. Recently they (the hackers) sent a PM to all my Messenger contacts saying lord knows what.... don't let them do that here!!!
 
Last Edited:
I'm seeing reports on another gun forum that not even secure passwords are safe.... wondering if that is because of logging in with Google or Facebook, or if it is because of letting browsers like Firefox save those supposedly secure passwords.

I'm starting to think the hacking can only be prevented by using 2FA. Which I'm now using for important accounts but what a pain to use every time I want to check in at a forum!!
 
I'm seeing reports on another gun forum that not even secure passwords are safe.... wondering if that is because of logging in with Google or Facebook, or if it is because of letting browsers like Firefox save those supposedly secure passwords.

I'm starting to think the hacking can only be prevented by using 2FA. Which I'm now using for important accounts but what a pain to use every time I want to check in at a forum!!
Duckduckgo
 
According to one source at the other forum, the hackers are not necessarily targeting individual IPs, but rather hacking the servers where the password "hashes" are stored. It's pretty technical, but we'd be surprised at how some servers don't do a very good job of maintaining unique passwords and instead have a number of duplicates that hackers can take good advantage of...
 
You are not tracked like google or FB.
That is true. But I was talking about people using their Google account (which one has if using Gmail or an Android phone) or their FB account to log into another website. You've probably seen the tabs that allow one to do that as a shortcut and I'm saying it's not a good idea. Nothing to do with search engines at all.
 
There are many techies here that know a lot about all this stuff... but here is some info on how passwords are stored on servers: https://auth0.com/blog/adding-salt-to-hashing-a-better-way-to-store-passwords/
That is a best practice, but not a guarantee that a company will actually follow those practices.

Legacy systems are especially prone to not implementing best practices like this since they often have to interface with other systems and changing the authentication mechanism would "cost too much".

https://haveibeenpwned.com/ is a great (and reputable) resource for finding site that have had data breaches. For each breach that contains your data was leaked in, it will provide details about how the breached passwords were stored (e.g. poor cryptography that resulted passwords being resolved to plain text, hashed - but not salted - password, salted passwords that were hashed - as described in the article above, etc)
 
I actually prefer this over Facebook

Facebook deleted 475,000 2A related accounts last year. That speaks for itself. You don't fully understand the Left is at war with us, and our beliefs. They honestly hate Gun owners and Right wing politics.

Thank you for providing a place I can read about what I'm interested in.

Facebook is just full of silly animals & skateboard tricks now. 2A community was thinned out. And I get a 30 day ban every time I reply when someone's asks a question in the gungroups there
 

Upcoming Events

Tillamook Gun & Knife Show
Tillamook, OR
"The Original" Kalispell Gun Show
Kalispell, MT
Teen Rifle 1 Class
Springfield, OR
Kids Firearm Safety 2 Class
Springfield, OR

New Resource Reviews

New Classified Ads

Back Top