search

makeplane / plane

🔥 🔥 🔥 Open Source JIRA, Linear, Monday, and Asana Alternative. Plane helps you track your issues, epics, and product roadmaps in the simplest way possible.
http://plane.so
GNU Affero General Public License v3.0
28.57k stars 1.56k forks source link

[feature]: multi factor authentication #1212

Open Unyxos opened 1 year ago

Unyxos commented 1 year ago

Is there an existing issue for this?

Summary

Provide a way to a better account security by being able to enable 2FA

Why should this be worked on?

It's hard to think of products that don't provide MFA/2FA to secure accounts, whether it's OTP or hardware security keys, I believe it'd be a nice addition for each to be able to secure their account better :)

rhea0110 commented 1 year ago

Hey @Unyxos, we sincerely appreciate and value your suggestion. Thank you for submitting the feature request. Our team will brainstorm around it, and we will keep you updated on any progress made.

Thanks!

TastyFrenchBun commented 4 months ago

Hey! Did this get implemented yet? I couldn't find anything in god-mode :\

jake-ef commented 3 months ago

Following up on this request - currently (.21-dev) authenticates god-mode using username/password. This could be a concern for many organizations that mandate 2FA for admin access to production apps.

Having oidc/saml support on the front-end is a huge step forward in addressing this for standard users, and it makes sense to continue this trend for god-mode.

Addressing this in a basic way could be as simple as allowing the admin to use the configured admin email account as a second factor once an email server is configured. Just send a code and call it a day; then down the road consider using other configured authentication methods to access the page.

Thank you!