Jump to content
Announcing Achievements! ×

Community

Show all accounts with log in attempts fail?


Ocean West
 Share

Recommended Posts

I've had a few accounts locked yesterday

Account locked from logging in using this IP address until 03/11/2021 09:56 PM following 3 unsuccessful login attempts.

Four of them are Moderators - the IP address is 178.239.198.133 and 185.217.117.75

When i go to the Members -> Locked there is nothing in the list. 

Link to comment
Share on other sites

1 hour ago, Ocean West said:

Some are old school they don't have a smart phone.

Ahh! This is what the Authy question is about. You'd want the text/call option then that Authy provides. My guess is that your moderators aren't going to be as huge a cost as rolling this out to your general membership.

Link to comment
Share on other sites

4 minutes ago, Ocean West said:

Thanks 🙏 - i totally missed this option now enabled it and have added added a bunch of questions..

The not wonderful thing about this option is that these answers are viewable in ACP with no auditing of who is viewing them. This is terrible from a security perspective.

Be careful who has access to view and edit two-factor authentication in member profiles in ACP. I'd recommend turning this off for all administrator groups including your own.

Link to comment
Share on other sites

3 minutes ago, Ocean West said:

Yea that is odd I would expect these to be one way encrypted just like the password is. 

I can see a use case for some organizations where this exchange may happen over the phone and that the answers (depending on the questions) may be such where visual inspection of the provided answers could be a part of what happens for identity validation.

That said though, I think it's important that accessing those answers be considered a heightened privilege event. The option should exist to require the administrator to reauthenticate along with their own 2FA if configured as such, and should record an audit trail that the information was accessed by the administrator at said date and time.

We place trust in those we give privileged access to, however we should be able to verify that those responsibilities are not being abused by the individuals themselves or by a compromise affecting that individual's accounts.

Link to comment
Share on other sites

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy