search

N8-CIR-Bede / documentation

Documentation for the N8CIR Bede Tier 2 HPC faciltiy
https://bede-documentation.readthedocs.io/en/latest/
7 stars 11 forks source link

Document login multi factor authentication (MFA) #152

Closed bodgerer closed 1 year ago

bodgerer commented 1 year ago

We are in the process of rolling out multi factor authentication on Bede, initially to support groups and need to add documentation surrounding this. I've written some initial information, which I'm sure would benefit from finessing by the Documentation team.

Could someone take a look, please?

In particular:

- does it contain enough information
- is the tone correct
- should it be separated out into a separate page
- how best to communicate the rollout - does it provide enough "hooks" to keep users informed of progress
ptheywood commented 1 year ago

I've now pushed a commit to this branch which updates the banner annoucnment to reference the MFA and link to the appropriate part of the usage page.

This did require some changes to the javascript which I'd previously only written to support linking to whole pages rather than id's. I've also opened a new issue about making it so that this is easier to manage as a low priority task

image

The link redirects to usage/index.html#multi-factor-authentication, i.e. the new section on the page.

bodgerer commented 1 year ago

One other thing is how to handle the comms in the documentation. I imagine the rollout will be:

  1. Enable MFA on Bede support group accounts, so they can go through the process/documentation as a normal user
  2. Enable MFA on all accounts
  3. Disable SSH user keys

Is it ok to keep the content we're agreeing above for steps (1) and (2), update the warning box when we schedule (3), then update again once (3) complete. Or would you prefer a list, like you made for the RHEL8 update?

We'd also be sending emails to all users at step (2), including a date for step (3), then another when step (3) is complete.

ptheywood commented 1 year ago

One other thing is how to handle the comms in the documentation. I imagine the rollout will be:

  1. Enable MFA on Bede support group accounts, so they can go through the process/documentation as a normal user
  2. Enable MFA on all accounts
  3. Disable SSH user keys

Is it ok to keep the content we're agreeing above for steps (1) and (2), update the warning box when we schedule (3), then update again once (3) complete. Or would you prefer a list, like you made for the RHEL8 update?

We'd also be sending emails to all users at step (2), including a date for step (3), then another when step (3) is complete.

I think the current content is fine for now, and we can add in the concrete details when they are known (I.e. I can add them once I see the email) .