We are Borg Posted May 7, 2019 Share Posted May 7, 2019 I would like to see two improvements in the 2 way authentication. 1. Remember device for x days AdminCP. The reason i am at home i want to set the system up so i only need to authenticate once in x days for backend. But when i am on public i will not use this so its something that needs to be done with cookies to ensure its not for all devices. 2. Ask code by email. If i want to login with this system i need to either use app or questions, but another option would be to email a code and use that. Link to comment Share on other sites More sharing options...
bfarber Posted May 8, 2019 Share Posted May 8, 2019 3 21 hours ago, We are Borg said: 2. Ask code by email. If i want to login with this system i need to either use app or questions, but another option would be to email a code and use that. The design of two-factor authentication (generally) is to leverage something you know and something you possess (i.e. a keyfob or smartphone). Sending an email doesn't satisfy that "possession" intent. Link to comment Share on other sites More sharing options...
We are Borg Posted May 8, 2019 Author Share Posted May 8, 2019 1 hour ago, bfarber said: The design of two-factor authentication (generally) is to leverage something you know and something you possess (i.e. a keyfob or smartphone). Sending an email doesn't satisfy that "possession" intent. It’s the email address you used to register on the forum so its not like you type in a random address when you want to have a code. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.