JuliaFreitagBGSt
commented
1 week ago Question: Automatic login should expire after a certain period of time. Suggestion: 90 days. Is that common? What is recommended?
Open iantrieschmann opened 1 month ago
JuliaFreitagBGSt
commented
1 week ago Question: Automatic login should expire after a certain period of time. Suggestion: 90 days. Is that common? What is recommended?
JuliaFreitagBGSt
commented
1 week ago Discussion: its essentiell to check the user-flow (what happens if you are not able to login into the app, but need it for the 2fa?)
issue isn't ready for development until questions above are clarified
JuliaFreitagBGSt
commented
6 days ago @maxpfe as mentioned before, issue is not ready for development until questions above are clarified pls clarify or otherwise issue stays in backlog
Login credentials are saved on the device and users remain logged in. The necessity of a renewed login should be prevented whenever possible.
For this reason and due to security concerns, users must be verified when opening the application. The verification itself should occur as easily, accessibly and quickly as possible, gladly, e.g., per face ID, fingerprint, short PIN or longer password - if possible, the extant device settings should be taken into consideration. For this, a setting / query must be developed where necessary.