greg-next
commented
3 years ago Consider using OneLogin https://www.onelogin.com/
Open greg-next opened 3 years ago
greg-next
commented
3 years ago Consider using OneLogin https://www.onelogin.com/
Considering that the Nextensio controller may have customer-sensitive information in it, please add support for a second factor at login.
Preferred second factors would be an authenticator app (e.g., Google Authenticator) and a security key such as Titan Security Key or YubiKey. A recovery process will also be needed.
SMS second factors are still compromised by sim-stealing attacks and known vulnerabilities in the SS7 network.