Open adam-hurwitz opened 1 year ago
Hi @AdamSHurwitz, Thanks for giving us idea, we will let our team know this. It is important for us to provide MFA for users to protect their account, we will investigate solutions.
Much appreciated @jackycute!
I will use a third-party service in the meantime in order to have MFA protection. Also, I've reached out to support@hackmd.io with a related security vulnerability.
About
Native sign-in with MFA allows for the user to own their account and data with maximum security. This aligns with the open-source values of HackMD.
User flow
Alternative
Migrate an account's native sign-in from username and password to third-party sign-in for MFA