We are Borg Posted May 7, 2019 Posted May 7, 2019 I would like to see two improvements in the 2 way authentication. 1. Remember device for x days AdminCP. The reason i am at home i want to set the system up so i only need to authenticate once in x days for backend. But when i am on public i will not use this so its something that needs to be done with cookies to ensure its not for all devices. 2. Ask code by email. If i want to login with this system i need to either use app or questions, but another option would be to email a code and use that.
bfarber Posted May 8, 2019 Posted May 8, 2019 3 21 hours ago, We are Borg said: 2. Ask code by email. If i want to login with this system i need to either use app or questions, but another option would be to email a code and use that. The design of two-factor authentication (generally) is to leverage something you know and something you possess (i.e. a keyfob or smartphone). Sending an email doesn't satisfy that "possession" intent.
We are Borg Posted May 8, 2019 Author Posted May 8, 2019 1 hour ago, bfarber said: The design of two-factor authentication (generally) is to leverage something you know and something you possess (i.e. a keyfob or smartphone). Sending an email doesn't satisfy that "possession" intent. It’s the email address you used to register on the forum so its not like you type in a random address when you want to have a code.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.