Hello everyone and welcome to another of our weekly updates!
We have some exciting news for you. Based on increasing community requests, feedback and votes, we have implemented two factor authentication for the accounts! You can now secure your account with Time-Based One Time Password (TOTP), using an app like Authy or Google Authenticator.
The setup is quite simple and can be done by scanning a QR code given to you in Neos. By default any credit transactions (NCR and KFC) will always require a code to process. You can optionally enable the protection for login into your account as well, once we update account.neos.com website it'll be made default for everyone as well.
We have also begin overhaul of Neos' existing branding, to bring it up to modern standards and design guidelines. In the upcoming weeks, we'll start replacing our logos, banners and other materials with brand new designs and releasing official branding guidelines. If you'd like a bit of a sneak peek, check out some of the materials below!
[h2]Upcoming Branding Refresh[/h2]
The Neos Metaverse is getting a fresh coat of paint!
[previewyoutube][/previewyoutube]
We are excited to announce that Neos has begun an overhaul of its existing branding! These changes include but are not limited to, a redesign of the official logo, the introduction of an official color palette, and the introduction of the official Neos Metaverse typeface, “Stephenson”.
In the weeks to come, we will be releasing an official set of branding guidelines and updating the brand identity across the board. This includes updates to the design of Mentor and Moderator badge and onward to the existing icons, along with new background artworks for the Discord, Steam page, and website. These changes will open up a new world of opportunity when it comes to ways Neos is able to promote itself and be identifiable in the wild. There are many plans in the works…
For specific thoughts and concerns feel free to contact or tag Chroma on our Discord.
It's a new day in the metaverse!
[h2]Two Factor Authentication[/h2]
Implementing two factor authentication has been something we heard our community asking more and more frequently as time went on, so we decided to prioritize it, to provide increased account security for everyone.
As of the latest build, Neos now offers the Time-Based One Time Password (TOTP) 2FA authentication which anyone can setup on their account. In order to use this method, you’ll typically need an authenticator app on your phone, such as Authy or Google Authenticator.
[previewyoutube][/previewyoutube]
2FA account setup. The code shown in the video is for demonstration purposes only and has been scrapped. NEVER show your QR code and recovery codes to anyone.In Neos on the tools panel (the same one that contains New World, Avatar Creator and NCR Withdrawal & Deposit options), you can find a new “Setup 2FA” option. Clicking this will open up a wizard that will walk you through the setup.
You can do so by scanning a QR code with your phone or manually typing in the security code (the latter is not recommended). Once you have it scanned, you will be given a set of 8 recovery codes.
Those codes can be used in place of the 6-digit code in case you lose access to your phone. If you do need to use them, we recommend that you deactivate 2FA (using the same button as to activate) on your account immediately and reactivate to generate a fresh secret and set of recovery codes.
Keep in mind that each recovery code is 1-time use only, meaning you will run out of them quickly and get permanently locked out of your account if you lose both. We recommend storing them at a secure location.
[h3]Protecting NCR[/h3]
By default, once 2FA is setup, you will be asked for a 2FA code for every NCR (and KFC, since they use the same underlying system) transaction. This provides a great degree of security, preventing anyone from sending or withdrawing credits from your Neos account when your computer and/or password gets compromised.
https://www.youtube.com/watch?v=Db10T1CXpHA
[h3]Protecting Account Login[/h3]
At the moment logging into your account isn’t protected by 2FA by default. You can enable this by sending /enableLogin2FA command to the Neos account in your Contacts, which will require each fresh login to input the 2FA code.
https://www.youtube.com/watch?v=Jw2vGjI-10k
One caveat is that our account.neos.com website hasn’t been updated to support 2FA yet, so when the login protection is activated you won’t be able to login there. We are working on updating the website as soon as possible, but this solution should provide a good workaround.
If you need to login to the website, you can also use the /webLogin command from Neos or the AdminX tool bundled with Neos. It will suppress the 2FA login for 3 minutes, giving you enough time to login and automatically re-enabling it afterwards.
If you use the "Remember Me" option you will not need to input 2FA code every time you start Neos. This trades some security for more convenience. The authentication codes are refreshed every time you login, so generally shouldn't pose a big risk, but if you want even higher security you can just do a fresh login every time.
[h2]QR Code Procedural Texture[/h2]
One of our core design philosophies is to implement any functionality in the form of general building blocks that can be used for other purposes as well by everyone in Neos. One of such blocks is a brand new procedural texture - StringQRCodeTexture.
[previewyoutube][/previewyoutube]
This texture lets you specify arbitrary text string as payload (as long as it fits into the QR code), level of error correction and two colors for the QR code. It will update dynamically in real time, so you can build whatever logic you like to encode any text you like.
While it’s a bit more niche, we hope that some of you will find it useful and fun to play with!
[h2]New LogiX nodes for detecting open dash and quick time formatting[/h2]
If you’d like to add a cool visual to your avatar whenever you have your Neos, SteamVR or Oculus dash open, now you can! With two new LogiX nodes you can detect whether the Neos’ own dash is open or the external platform one (e.g. SteamVR or Oculus) is.
We also added a set of three nodes to make formatting DateTime more convenient, making it easy to show just the time or date part with configurable style. Similarly there’s a node to quickly format a TimeSpan structure.
[h2]Desktop can now send items to contacts, export and set profile picture[/h2]
Thanks to some recent changes, we added a behavior where holding an item in the desktop mode with the Right Mouse button and opening the dash with Esc will keep the item held in hand. This implicitly enabled some previous VR-only interactions, such as sending items to Contacts, exporting through File Browser or setting a Profile picture to work.
We still plan to redesign those UI’s to make the interactions more intuitive and idiomatic, but it should help make those old ones usable in the meanwhile! We also disabled physical grabbing in desktop, fixing cases where the avatar would grab a nearby item with their hand due to proximity, rather than the item the mouse cursor was pointing at.
[h2]What’s next[/h2]
Apart from the new features, tweaks and fixes, we are continuing with several other tasks, notably the BEPUv2 upgrade. We have now finished implementing all collider types and using the asset variant system to generate and cache the acceleration data for Mesh Colliders and Convex Hulls.
This change will significantly speed up loading of worlds and reduce CPU load - a moderately heavy mesh collider would take about 680 ms to generate, but only 48 ms to load from a pre-generated version.
We also implemented tracking of transform hierarchy changes, updating the collider transform in the physics engine in all cases as well as responding to changes in scale. The system that tracks those changes has been extended to allow separate tracking of position/rotation changes and scale changes, so parts that are only interested in scale changes do not have to update when only the position/rotation changes, resulting in better efficiency and less wasted cycles.
[previewyoutube][/previewyoutube]
There is still much to do, you can check the tasks on our Physics roadmap on GitHub. We also recommend checking other roadmaps, the #devlog channel on our official Discord and release notes for a full list of all the additions, tweaks and bugfixes.
And as usual, big thanks to you, our supporters! You are what makes all of this possible and keep us moving forward with your feedback, support and creativity every day. We’ll see you next week!