Open cvaldivia19 opened 5 years ago
hey @cvaldivia19 , thanks for surfacing this! It's about time we revisited this question probably.
The answer to your question: sort of. There are plugins that work well with our authentication library (devise) which would do this, but we haven't for a few reasons:
Our approach thus far has been asking funds to encourage CMs to use google accounts and two factor on those, but I defer to you on whether that will continue to be a tenable solution.
Tagging future features since this is something we'll want to revisit, but isn't germane to any work being done currently
Hi! I'm helping review the security audit recommendations and one is to review opportunities to enforce 2FA at the service level. Is this an option with how authentication is currently set up? Thoughts on added benefits?