search

mojaloop / project

Repo to track product development issues for the Mojaloop project.
Other
24 stars 15 forks source link

Security BC - Implement 2FA #3512

Open pedrosousabarreto opened 1 year ago

pedrosousabarreto commented 1 year ago

As a hub operator, I want to be able to enhance the security of my hub operator portals by enforcing 2FA for operator staff authentication during login.

Acceptance Criteria

  1. Scenario: Operator staff are required to register a second authentication factor

    • Given the 2FA feature is implemented
    • When an operator staff member logs in to a portal, and they have not registered a second authentication factor
    • Then they should be prompted to register a second factor of authentication, as defined by the hub operator during deployment, once they have logged in using their password

  2. Scenario: Operator staff can only login in successfully when they present their 2FA in addition to their username/password credentials

    • Given the 2FA feature is implemented
    • When an operator staff member logs in to a portal, and they have registered a second authentication factor
    • Then they will be required to provide a second factor of authentication in addition to their password as part of the login process
JulieG19 commented 6 months ago

Hi @pedrosousabarreto , was this implemented? Thanks!

JulieG19 commented 6 months ago

Hi @PaulMakinMojaloop , could you please add more requirements in this epic? I recalled we discussed this in one of the product council meeting.

PaulMakinMojaloop commented 6 months ago

@JulieG19 Will do. Briefly, this is about the requirement to use 2FA for operator login at the Hub. I'll add requirements.

elnyry-sam-k commented 6 months ago

Converting to Epic upon @PaulMakinMojaloop's request

PaulMakinMojaloop commented 6 months ago

@JulieG19 Would you mind checking over this Epic for clarity, please?