Enforcement of two-factor authentication
Discussed in https://github.com/monarc-project/MonarcAppFO/discussions/455
Originally posted by cedricbonhomme August 25, 2022

Enforcing a two-factor authentication [1, 2] method for a MONARC client instance.

The goal is to be sure that all users have activated a two-factor authentication method. For the moment, the administrator of a MONARC client instance can check the status of 2FA for the users, but cannot enforce it.

With enforced two-factor authentication, a solution must be offered for a newly created user on an instance with this setting already enabled. For example, the possibility to access only the page where 2FA can be configured for the new user. This is indeed a tricky situation, often ignored or not really managed by other platforms (GitHub, Nextcloud, Google, etc.: the user is simply either blocked or rejected, like on GitHub).
[1] https://github.com/monarc-project/MonarcAppFO/discussions/442
[2] https://github.com/monarc-project/MonarcAppFO/issues/288
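
The enrollment-only access described in the post, sketched as a request gate. This is an added example, not MONARC code: the route names, the `User` fields and the `enforce_2fa` instance setting are hypothetical, and the path is assumed to be already percent-decoded by the web framework.

```python
from dataclasses import dataclass
from posixpath import normpath

# Hypothetical routes: the only paths a user without 2FA may reach
# while enforcement is on (configure 2FA, confirm it, or log out).
ENROLLMENT_ROUTES = frozenset({
    "/api/user/2fa/setup",
    "/api/user/2fa/confirm",
    "/api/logout",
})


@dataclass(frozen=True)
class User:
    name: str
    two_factor_enabled: bool


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def canonical(path: str) -> str:
    """Drop query/fragment and collapse '//', '.', '..' and trailing '/',
    so the allow-list is compared against one exact form of the path."""
    path = path.split("?", 1)[0].split("#", 1)[0]
    return normpath("/" + path.lstrip("/"))


def authorize(user: User, path: str, enforce_2fa: bool) -> Decision:
    """Decide whether an authenticated user may reach `path`."""
    if not enforce_2fa:
        return Decision(True, "2fa-not-enforced")
    if user.two_factor_enabled:
        return Decision(True, "2fa-enabled")
    # New or non-compliant user on an enforcing instance: exact-match
    # allow-list only, never a prefix test, so '/setup/../..' cannot escape.
    if canonical(path) in ENROLLMENT_ROUTES:
        return Decision(True, "enrollment-route")
    return Decision(False, "2fa-enrollment-required")
```

A caller would map the `2fa-enrollment-required` reason to a redirect to the 2FA configuration page rather than to a generic rejection.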