Open nickaddy opened 6 days ago
Hey team! Please add your planning poker estimate with Zenhub @drieJAC @HalcyonJAC @tomlovesgithub @warrensearle
'2FA is required every 7 days' 'Implement a session timeout of 2 hours'
If a user gets logged out after 2 hrs then wont they need to login again with 2FA?
No, they just log back in normally, without 2FA. 2FA is only required once a week, i.e. if I'm asked this morning when I log in at 9am, I will next be asked - at the earliest - at 9am next Monday.
Background
2FA is now commonplace for all online accounts. JAC Digital would like to implement 2FA to add an extra layer of protection for sensitive personal candidate data held on Apply. In addition, we would like to implement a session timeout, so that candidates are automatically logged out after a pre-determined time period.
User Story
As a candidate, I would like 2FA to be implemented on Apply so that my sensitive personal data is more secure.
Benefit(s) to user (if not already clear from User story)
If a candidate's device is mislaid or stolen, they will be logged out of Apply and their data will remain confidential.
Feature(s) Description
UK Mobile Phone number
field to Candidate profile on ApplyAcceptance Criteria
It's done when:
Definition of Done
User Testing Steps
Specify for users what is being tested (but not how to test it.)
Feature Champion
Nick