Randy Calvert Posted January 12, 2022 Posted January 12, 2022 IPS Team... Could someone test both ACP and SFTP access that I have stored for the active license please? I want to make sure the credentials and firewall rules are valid before I'm in a situation where I actually need help. Thanks!
Solution Jim M Posted January 12, 2022 Solution Posted January 12, 2022 Both ACP and SFTP appear to be working. ACP does require Two Factor Authentication, however, which at the time of an actual support need would need to be disabled.
Randy Calvert Posted January 12, 2022 Author Posted January 12, 2022 Hi Jim, Can you test ACP one more time? I've created a new group and given it unrestricted ACP access. I've set it as a hidden group and made sure 2FA was disabled. In the mean time, I'll create a feature suggestion regarding 2FA for support however as it's a bad idea to reduce security to allow access.
Jim M Posted January 12, 2022 Posted January 12, 2022 7 minutes ago, Randy Calvert said: Hi Jim, Can you test ACP one more time? I've created a new group and given it unrestricted ACP access. I've set it as a hidden group and made sure 2FA was disabled. All good now 🙂 . 7 minutes ago, Randy Calvert said: In the mean time, I'll create a feature suggestion regarding 2FA for support however as it's a bad idea to reduce security to allow access. While we certainly understand and appreciate it, the sole purpose of Two Factor Authentication, such as Google Authenticate (which you had enabled) is to authorize one individual's phone/device/what-have-you. There is no secure way we really can abide by this when multiple individuals on our staff may require access to be assisting you from potentially multiple different shifts. If you wish to provide us with security questions/answers that is something which we can still use and you can place in the notes section of the Client Area. However, at this time, we do not support Google Authenticate or Authy to be in place for support access. Hope that helps explain. That's not to say you shouldn't use it, just disabling access for when we require it would be the best idea.
Recommended Posts