Open paulschreiber opened 3 years ago
To improve the security of SmartHalo accounts, please add support for two-factor authentication, including:
Do not add support for SMS-based 2FA, which is an anti-recommendations. See NIST 800-63B.
Accounts can be compromised based on guessing, brute-forcing or phishing the password.
Prevents account takeover.
Description
To improve the security of SmartHalo accounts, please add support for two-factor authentication, including:
Do not add support for SMS-based 2FA, which is an anti-recommendations. See NIST 800-63B.
Problem
Accounts can be compromised based on guessing, brute-forcing or phishing the password.
Solution
Prevents account takeover.