Open shuvashish76 opened 2 years ago
samuelclay
commented
2 years ago Oh man, you're hitting all the long-time goals with this series of tickets. Do you work as a Product Manager by any chance?
I'm working on #1576 and the premium pro tier could use 2FA.
shuvashish76
commented
2 years ago Do you work as a Product Manager by any chance?
😅 Nah, I'm not a dev or project manager. I post my suggestions what I feel is missing & as user of opensource projects our job is to convince the developer with all the details we can gather. There are no deadlines in OSS development. So feature priority totally upto you :)
RubenCordeiro
commented
2 years ago +1 for this, my only comment here:
If you lost access to your authentication codes, you can also do a password reset via email.
That would sort of defeat the purpose of two factor authentication in a way, since an attacker could hijack your account by having access to one of your authentication factors. A better way in my opinion would be to generate recovery codes upon setup, similarly to what many platforms provide. Biggest issue here would be the level of support required in case someone loses access to their device, but since @samuelclay is thinking about offering this feature to a premium tier this could be a valid concession.
Newsblur isn't just a Newsreader. From our read articles, likes (intelligence trainer), notification preferences it can reveal everything from a person’s political and religious beliefs to sexual orientation and medical conditions etc...
I'd suggest to add 2FA extra security for Newsblur accounts as 2FA very common these days & easy to setup.