As a security conscious user, I want to be able to enable 2 factor authentication so that it is very difficult for another user to sign in as me.

mozilla / persona-roadmap

A repository for user stories related to Mozilla's Identity efforts.

3 stars 1 forks source link

As a security conscious user, I want to be able to enable 2 factor authentication so that it is very difficult for another user to sign in as me. #27

Open shane-tomlinson opened 11 years ago

chilts commented 11 years ago

Would this not be a function of the IdP? Or are you proposing this for the fallback IdP?

seanmonstar commented 11 years ago

An interesting scenario: if we implement 2FA for the fallback, and then a user's email provider becomes an IdP, without 2FA, they would effectively be "upgraded" to less security.

shane-tomlinson commented 11 years ago

@chilts - to the fallback IdP.

@seanmonstar - it's true.

djc commented 11 years ago

I wouldn't mind helping implement 2FA for the fallback, as I already have it on my personal IdP.

r0bl0rd commented 11 years ago

@shane-tomlinson Pls add benefit + priority.

shane-tomlinson commented 11 years ago

@r0bl0rd - you'll have to pardon my ignorance, what are PIs?

callahad commented 11 years ago

I think that's PLS -- please :)

As in, replace the orange tags on this issue.

r0bl0rd commented 11 years ago

Yes, @shane-tomlinson see #7 for details on the label system.