An individual review is sensible I think. For myself I can only accept bank transfers of cash on pickup since I don’t have (and never would want) a PayPal account. On the other hand I think my seller feedback shows that it works well for the buyers.
Local pickups are a bit safer with unprotected payment methods as there is no intermediary involved, but for any member-to-member sales that require shipping we require protected payment methods that offer some layer of both buyer and seller protections, like PayPal Goods and Services. Anyone wishing to sell their items online via other methods are welcome to do so via a variety of different sites, but here on Head-Fi protected methods are a requirement.
Likewise, those who are hoping to avoid any tax implications due to local regulations may need to look to alternative sites to sell their items.
It does seem redundant a bit, right? It does send an exta notification to the seller if they are watching the item, and it notifies other potential buyers that an interest PM has been sent.
It does seem redundant a bit, right? It does send an exta notification to the seller if they are watching the item, and it notifies other potential buyers that an interest PM has been sent.
It seems some sellers are now not saying Paypal friends and family in their listings in order to conform to the rules, but when you PM them they request a friends and family payment. I'm just wondering what buyers can/should do in that situation?
I fully understand the problem of establishing trust in a marketplace that essentially spans the world… but regarding PayPal it’s not only the sellers that may try to do something nefarious: PayPal’s policies straight out invite buyers to file bogus claims. Which is why I would never do any business with PayPal and will only offer local pickup in the future. Or sell on other platforms altogether, which is a pity since here we have a community with special interests just like mine. But PayPal ist simply not an option. And I don’t even consider those gifts options.
I left eBay behind many years ago for the exact same reasons… now mostly using a local platform where pickup is the default anyway.
Payments
- Please only request payments via protected methods like PayPal Goods & Services. Do not request payment via unprotected methods like PayPal Friends & Family, money order, bank transfer, or any other unprotected payment methods. These requirements also mean we do not allow "net to me" requirements on Head-Fi Classifieds.
Do not request or send money using PayPal Friends & Family or services like Western Union or MoneyGram.
This includes direct payment apps such as Zelle, Cash App, Venmo, Apple Pay, Google Pay, etc.
All listed prices include applicable payment fees. Do not ask buyers to cover fees in addition to the asking price.
Please use Head-Fi's report function when you see sellers or listings that may not meet our guidelines and one of the moderators will review the report.
Please use Head-Fi's report function when you see sellers or listings that may not meet our guidelines and one of the moderators will review the report.
That's correct. Please use Head-Fi's report function when you see sellers or listings that may not meet our guidelines and one of the moderators will review the report.
We’re always looking for and working on ways to improve the site, and Head-Fi’er feedback is one of the best ways for us to know what sort of features and changes the community would like to see. Recently, we’ve had a handful of instances where an account was compromised due to reused login details — usernames, email addresses, and passwords primarily. To be clear, though, Head-Fi’s user database was not hacked or compromised.
What we have had are some reports of account access by a third party due to reused login information, where account usernames, email addresses, and passwords have been used for multiple website logins. And when one of the websites someone uses is compromised -- and that person’s login information for that website is used on other sites -- these kinds of things can occur. We would strongly suggest checking your own information against the myriad data leaks and website breaches that have taken place over the years. There are a number of services that can help with this — we use https://haveibeenpwned.com/ (free) but there are others. We also recommend using unique username/password combinations for each and every website you register for, which would help reduce incidents like this.
Along with their reports of such incidents, a few Head-Fi’ers requested an additional layer of account security be required to take part in Head-Fi Classifieds. After consideration the Head-Fi team agrees that an additional layer may go a long way in helping the community be safer in their Head-Fi Classifieds transactions. Starting today, Head-Fi is requiring two-factor authentication (2FA) for any Head-Fi’ers looking to post listings in Head-Fi Classifieds.
To enable 2FA on your profile, please visit the Password and Security page. 2FA will not be required to view listings or to contact listing creators.
Please note that after enabling 2FA it may take up to an hour before you can add or modify listings.
We know there will likely be a number of questions about how things will be changing once the update is released, so we answered some of the more likely questions you may have here in this brief Q&A. If you have any additional questions, please let us know.
Q: I just enabled 2FA on my profile, why can I still not create/edit/bump/close a listing?
A: There are a number of checks and verifications that our system runs when someone enables 2FA on their profile, and it's possible to help the process along by logging out after enabling 2FA and then log in again. Please note that after enabling 2FA it may take up to an hour before you can add or modify listings. The requirement for 2FA is in addition to our 30 day and 15 post requirements, so all three requirements must be met before a Head-Fi'er can post in Head-Fi Classifieds.
Q: What is two-factor authentication?
A: Two-factor authentication, or 2FA, is "an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism" (Wikipedia). It offers an additional layer of account security on top of the standard password used to log into Head-Fi by generating a one-time password (OTP) to use during login. When 2FA is enabled on a profile, both the standard password and the OTP will be required to log in.
Q: Will all Head-Fi'ers be required to enable 2FA on their profile?
A: This requirement will only be in place for Head-Fi'ers looking to create listings on Head-Fi Classifieds. Those who don't take part in Head-Fi Classifieds and those who are only responding to the listings of others will not be required to enable 2FA.
Q: Will my current Head-Fi Classifieds listings be removed if I don't enable 2FA?
A: Head-Fi'ers who do not enable 2FA on their profile will be unable to create new listings in Head-Fi Classifieds, but any active listings will still be visible. While active listings themselves will not be removed, listing creators will be unable to modify posted listings without 2FA enabled.
Q: Which 2FA methods does Head-Fi support?
A: Head-Fi'ers will have the option to choose from two methods of 2FA when enabling it on their profile. The recommended method is to use a 2FA app which will generate a unique OTP for you to use every time you log in. Alternatively, Head-Fi'ers can opt for email verification, where the site will send a OTP to the email address associated with your profile when you sign in.
Q: Which 2FA app/OTP generator do you recommend?
A: There are a number of OTP generating apps available for MacOS, Windows, Android, and iOS devices. Included in the list are apps like 1Password, Authy, Google Authenticator, LastPass Authenticator, and Microsoft Authenticator. There is no one specific OTP generator that Head-Fi recommends for 2FA.
Q: I'm trying to setup 2FA via email - why am I not receiving verification codes?
A: We've heard of a few situations where members were not receiving verification codes in their inboxes. As always, first check to see if verification codes are being caught to a spam filter. If so, be sure to mark the emails are "not spam" for future codes. You may also need to add the head-fi.org domain as a trusted domain in your email settings. This step has helped a few members get their verification codes. If you have any custom email rules to send certain Head-Fi emails to a folder for organization, be sure to check those folders as well.
Step 2: Click the "Change" box next to "Two-step verification: Disabled"
Step 3: Enter your account password if prompted, then click "Confirm"
Step 4: Select which method of 2FA you'd like to enable
Step 5a: If choosing to use app-based 2FA, follow the steps required for your chosen app to setup a new login
Step 5b: If choosing to use email-based 2FA, enter the confirmation code that was sent to your email address.
Step 6: Once you've completed activation, verify the change on the Password and Security page. If you see "Two-step verification: Enabled," you've successfully registered 2FA on your profile.
We’re always looking for and working on ways to improve the site, and Head-Fi’er feedback is one of the best ways for us to know what sort of features and changes the community would like to see. Recently, we’ve had a handful of instances where an account was compromised due to reused login details — usernames, email addresses, and passwords primarily. To be clear, though, Head-Fi’s user database was not hacked or compromised.
What we have had are some reports of account access by a third party due to reused login information, where account usernames, email addresses, and passwords have been used for multiple website logins. And when one of the websites someone uses is compromised -- and that person’s login information for that website is used on other sites -- these kinds of things can occur. We would strongly suggest checking your own information against the myriad data leaks and website breaches that have taken place over the years. There are a number of services that can help with this — we use https://haveibeenpwned.com/ (free) but there are others. We also recommend using unique username/password combinations for each and every website you register for, which would help reduce incidents like this.
Along with their reports of such incidents, a few Head-Fi’ers requested an additional layer of account security be required to take part in Head-Fi Classifieds. After consideration the Head-Fi team agrees that an additional layer may go a long way in helping the community be safer in their Head-Fi Classifieds transactions. Starting today, Head-Fi is requiring two-factor authentication (2FA) for any Head-Fi’ers looking to post listings in Head-Fi Classifieds.
To enable 2FA on your profile, please visit the Password and Security page. 2FA will not be required to view listings or to contact listing creators.
We know there will likely be a number of questions about how things will be changing once the update is released, so we answered some of the more likely questions you may have here in this brief Q&A. If you have any additional questions, please let us know.
Q: What is two-factor authentication?
A: Two-factor authentication, or 2FA, is "an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism" (Wikipedia). It offers an additional layer of account security on top of the standard password used to log into Head-Fi by generating a one-time password (OTP) to use during login. When 2FA is enabled on a profile, both the standard password and the OTP will be required to log in.
Q: Will all Head-Fi'ers be required to enable 2FA on their profile?
A: This requirement will only be in place for Head-Fi'ers looking to create listings on Head-Fi Classifieds. Those who don't take part in Head-Fi Classifieds and those who are only responding to the listings of others will not be required to enable 2FA.
Q: Will my current Head-Fi Classifieds listings be removed if I don't enable 2FA?
A: Head-Fi'ers who do not enable 2FA on their profile will be unable to create new listings in Head-Fi Classifieds, but any active listings will still be visible. While active listings themselves will not be removed, listing creators will be unable to modify posted listings without 2FA enabled.
Q: Which 2FA methods does Head-Fi support?
A: Head-Fi'ers will have the option to choose from two methods of 2FA when enabling it on their profile. The recommended method is to use a 2FA app which will generate a unique OTP for you to use every time you log in. Alternatively, Head-Fi'ers can opt for email verification, where the site will send a OTP to the email address associated with your profile when you sign in.
Q: Which 2FA app/OTP generator do you recommend?
A: There are a number of OTP generating apps available for MacOS, Windows, Android, and iOS devices. Included in the list are apps like 1Password, Authy, Google Authenticator, LastPass Authenticator, and Microsoft Authenticator. There is no one specific OTP generator that Head-Fi recommends for 2FA.
Q: I just enabled 2FA on my profile, why can I still not create a listing?
A: There are a number of checks and verifications that our system runs when someone enables 2FA on their profile, and after enabling 2FA it may take up to an hour for access to Head-Fi Classifieds to be granted. The requirement for 2FA is in addition to our 30 day and 15 post requirements, so all three requirements must be met before a Head-Fi'er can post in Head-Fi Classifieds.
To make it really effective, it would also have to be necessary to be able to send PM.
Most of the problems that have occurred have been due to responses to "want to buy" posts.
We’re always looking for and working on ways to improve the site, and Head-Fi’er feedback is one of the best ways for us to know what sort of features and changes the community would like to see. Recently, we’ve had a handful of instances where an account was compromised due to reused login details — usernames, email addresses, and passwords primarily. To be clear, though, Head-Fi’s user database was not hacked or compromised.
What we have had are some reports of account access by a third party due to reused login information, where account usernames, email addresses, and passwords have been used for multiple website logins. And when one of the websites someone uses is compromised -- and that person’s login information for that website is used on other sites -- these kinds of things can occur. We would strongly suggest checking your own information against the myriad data leaks and website breaches that have taken place over the years. There are a number of services that can help with this — we use https://haveibeenpwned.com/ (free) but there are others. We also recommend using unique username/password combinations for each and every website you register for, which would help reduce incidents like this.
Along with their reports of such incidents, a few Head-Fi’ers requested an additional layer of account security be required to take part in Head-Fi Classifieds. After consideration the Head-Fi team agrees that an additional layer may go a long way in helping the community be safer in their Head-Fi Classifieds transactions. Starting today, Head-Fi is requiring two-factor authentication (2FA) for any Head-Fi’ers looking to post listings in Head-Fi Classifieds.
To enable 2FA on your profile, please visit the Password and Security page. 2FA will not be required to view listings or to contact listing creators.
We know there will likely be a number of questions about how things will be changing once the update is released, so we answered some of the more likely questions you may have here in this brief Q&A. If you have any additional questions, please let us know.
Q: What is two-factor authentication?
A: Two-factor authentication, or 2FA, is "an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism" (Wikipedia). It offers an additional layer of account security on top of the standard password used to log into Head-Fi by generating a one-time password (OTP) to use during login. When 2FA is enabled on a profile, both the standard password and the OTP will be required to log in.
Q: Will all Head-Fi'ers be required to enable 2FA on their profile?
A: This requirement will only be in place for Head-Fi'ers looking to create listings on Head-Fi Classifieds. Those who don't take part in Head-Fi Classifieds and those who are only responding to the listings of others will not be required to enable 2FA.
Q: Will my current Head-Fi Classifieds listings be removed if I don't enable 2FA?
A: Head-Fi'ers who do not enable 2FA on their profile will be unable to create new listings in Head-Fi Classifieds, but any active listings will still be visible. While active listings themselves will not be removed, listing creators will be unable to modify posted listings without 2FA enabled.
Q: Which 2FA methods does Head-Fi support?
A: Head-Fi'ers will have the option to choose from two methods of 2FA when enabling it on their profile. The recommended method is to use a 2FA app which will generate a unique OTP for you to use every time you log in. Alternatively, Head-Fi'ers can opt for email verification, where the site will send a OTP to the email address associated with your profile when you sign in.
Q: Which 2FA app/OTP generator do you recommend?
A: There are a number of OTP generating apps available for MacOS, Windows, Android, and iOS devices. Included in the list are apps like 1Password, Authy, Google Authenticator, LastPass Authenticator, and Microsoft Authenticator. There is no one specific OTP generator that Head-Fi recommends for 2FA.
Q: I just enabled 2FA on my profile, why can I still not create a listing?
A: There are a number of checks and verifications that our system runs when someone enables 2FA on their profile, and after enabling 2FA it may take up to an hour for access to Head-Fi Classifieds to be granted. The requirement for 2FA is in addition to our 30 day and 15 post requirements, so all three requirements must be met before a Head-Fi'er can post in Head-Fi Classifieds.
No offense, but this doesn't actually fix anything since the scammers have been using WTB ads to contact people who are legitimate buyers. They're not usually posting brand new items in the classifieds section. So, by allowing "2FA will not be required to view listings or to contact listing creators", nothing has been fixed by this change, and just an additional layer of security has been added to...the area where there was no problem to begin with. Now, if you wanted to enable 2FA to contact a listing creator, that would in fact help to solve the problem. My $.02.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
