bapril
commented
7 years ago Hi Stew, What if it allowed Login, but no other actions until 2FA is configured when that bit is set?
Open stewrg opened 7 years ago
bapril
commented
7 years ago Hi Stew, What if it allowed Login, but no other actions until 2FA is configured when that bit is set?
stewrg
commented
7 years ago That would be the perfect solution :)
massar
commented
7 years ago We'll schedule this for a fix soon :)
stewrg
commented
7 years ago Brilliant. Thank you. This is a high priority for us as we wish to force 2FA on all users.
When forcing 2FA on a system wide basis new users (who have not yet enabled 2FA) are not able to log on to the system.
When turning on this global setting would it be possible to send every user (who has not yet enabled 2FA) a one-time code to enter into the 2FA window to enable them to log in and set up this feature. (They will obviously already know their password - so I suggest there would be no loss of security sending this in the clear to users who have not yet enabled their PGP)