2FA for Ente acount through already signed in sessions(With backup codes of course) #499
BushMasterJM
started this conversation in
Feature requests
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Right now, the only 2FA that an Ente Auth account has to my knowledge is an email verification. I think this could be improved apon by having an option to approve sign-ins through already signed in sessions. If you end up being signed out of all sessions, then have backup codes that can be used to sign in along with password. I believe this woud be similar to how authy by Twilio does it. Even with the email 2FA, that only adds another layer that somone could theoretically brute force. Technically you could then put that emails 2FA in the app and then save its backup codes offline but if this feature was added, it would streamline the whole thing. Just my thought though so maybe Im being too extreme or not understanding things correctly. I think its at least worth a discussion.
Beta Was this translation helpful? Give feedback.
All reactions