emper0r
commented
1 year ago Hi, any update about this? is since 2017 to enable otp for login regular. thanks
Open kiminet opened 7 years ago
emper0r
commented
1 year ago Hi, any update about this? is since 2017 to enable otp for login regular. thanks
Roxyrob
commented
1 year ago Hi @jrivard, enforced Regular Authentication (e.g. pwd+otp) is really important as if someone can rip user and password will can simply login using "Regular Authentication" and change all of your auth method (PWD + OTP + SMS + Answers).
With a simple add of a third auth method (e.g. OTP) security could be greatly increased.
I haven't been able to ffind a way to configure additional verification modules for the regular authentication. In addition to username and password I would like to increase the security by OTP/SMS.
The Forgotten Password-module makes it possible to configure different verification methods, such as OTP or SMS using sliders (Not used/Optional/Required). Perhaps the regular authentication could be configurable in a similar way.