Jump to content

No 2FA prompt when logging in (my 2FA is enabled)

CalTec

By CalTec
in Feedback

 Share

Recommended Posts

RadioRob Grand Master

RadioRob

Posted
Posted

We don’t force the use of 2FA for members.  It’s only REQUIRED for people with access to the backend tools of the site.  (Meaning it’s required for Cooper and myself.)

It’s optionally available for members… and RIGHT NOW it would only challenge 2FA for specific actions…. 

- Changing email address
- Changing password
- Managing authorized (recognized) devices

It’s not currently configured to require it for login to the front end of the site.  
 

Link to comment
Share on other sites
RadioRob Grand Master

RadioRob

Posted
Posted

2FA stands for Two Factor Authentication.  It’s sometimes noted as MFA (Multi Factor Authentication).    

It’s designed to help improve security by requiring something other than just a username/password to access a protected resource.

There are many forms of 2FA….  It could include having a one time code sent (pushed) to a trusted device (via email or text), it could be a security token (such as a physical RSA token generator or a software based token generator such as Google Authenticator or Authy), or even things such as biometrics.  

The general idea is that a good way to protect a resource is to verify a user using multiple methods…  typically this is along the lines of:

- Something you know (say a password)
- Something you have (say access to a token generator that changes codes every 30 seconds)
- Something you are (say such as a finger print or face scan)

The idea is that if your password was ever compromised somehow, someone still could not access the resource without an additional factor.  This makes it much harder for a malicious person to obtain and thus improves your overall security posture.  

 

Link to comment
Share on other sites
CalTec Collaborator

CalTec

Posted
  • Author
Posted
On 5/3/2022 at 4:37 PM, RadioRob said:

We don’t force the use of 2FA for members.  It’s only REQUIRED for people with access to the backend tools of the site.  (Meaning it’s required for Cooper and myself.)

It’s optionally available for members… and RIGHT NOW it would only challenge 2FA for specific actions…. 

- Changing email address
- Changing password
- Managing authorized (recognized) devices

It’s not currently configured to require it for login to the front end of the site.  
 

Copy that, thanks for the clarification 👍

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

Contact Info:

The Company of Men
5834 C. North Kings Hwy #4343
Alexandria, VA 22303

Email: moderators@companyofmen.org

Help Support Our Site

Our site operates with the support of our members. Make a one-time donation using the buttons below.

$10 $25 $50 $100 $200

Make a recurring donation

Additional Resources

×
×
  • Create New...