Anonymous | Login | 2024-12-22 05:43 MST |
Main | My View | View Issues | Change Log | Roadmap | Repositories |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0001412 | ClearOS | app-base - Base System | public | 2013-10-30 17:49 | 2018-11-20 11:52 | ||||
Reporter | user2 | ||||||||
Assigned To | bchambers | ||||||||
Priority | normal | Severity | feature | Reproducibility | have not tried | ||||
Status | closed | Resolution | fixed | ||||||
Platform | OS | OS Version | |||||||
Product Version | |||||||||
Target Version | Fixed in Version | ||||||||
Summary | 0001412: Add multi-factor authentication (MFA) | ||||||||
Description | Scope to be determined. | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
Notes | |
(0001231) marclaporte (manager) 2014-07-13 10:22 |
Please see: http://www.dynalogin.org/ [^] https://www.youtube.com/watch?v=tWZgQvWy22A [^] https://www.ohloh.net/p/dynalogin [^] |
(0001232) marclaporte (manager) 2014-07-13 16:47 edited on: 2014-07-13 16:47 |
Joomla! add 2FA in version 3.2 http://www.youtube.com/watch?v=NbG6eehASW8 [^] http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=31704&start=0 [^] |
(0001249) marclaporte (manager) 2014-07-26 08:58 |
In ClearOS, users can update their passwords: http://www.clearcenter.com/support/documentation/user_guide/user_profile [^] This should trigger multi-factor authentication (MFA). Also, there should be a way for apps to trigger this. For example, in Tiki, a user updates the payment gateway information for the shopping cart. Each app would determine a list of critical actions which trigger MFA. Thanks! |
(0001286) marclaporte (manager) 2014-08-26 19:55 |
Useful for high importance actions such as changing a password. Related: Provide setting to disallow users from changing passwords http://tracker.clearfoundation.com/view.php?id=1931 [^] |
(0001293) marclaporte (manager) 2014-09-07 22:09 |
When considering scope, let's also look into one-time passwords (OTP) and alternatives like: https://www.grc.com/sqrl/sqrl.htm [^] https://www.grc.com/offthegrid.htm [^] |
(0001340) marclaporte (manager) 2015-01-20 23:38 |
https://secure.clearcenter.com/ [^] could benefit from enhanced security. Linode has this: "When Account Security is enabled, you can only log in from an IP address on your whitelist. When someone attempts to log in with your username from an IP that is not on your whitelist an email alert is sent to you. The email contains a link that allows you to add that IP address to your whitelist. Subsequent successful logins from that IP will not generate an alert." Another option: A short code sent to the cell phone associated to the account |
(0001395) marclaporte (manager) 2015-03-17 11:20 |
A great site showing that MFA is becoming the standard: https://twofactorauth.org/ [^] |
(0008671) user2 2018-11-20 11:52 |
Just tracker cleanup. |
Issue History | |||
Date Modified | Username | Field | Change |
2013-10-30 17:49 | user2 | New Issue | |
2013-10-31 10:21 | user2 | Status | new => confirmed |
2014-07-13 10:22 | marclaporte | Note Added: 0001231 | |
2014-07-13 16:47 | marclaporte | Note Added: 0001232 | |
2014-07-13 16:47 | marclaporte | Note Edited: 0001232 | View Revisions |
2014-07-26 08:58 | marclaporte | Note Added: 0001249 | |
2014-08-26 19:55 | marclaporte | Note Added: 0001286 | |
2014-09-07 21:49 | marclaporte | Summary | Add two-factor authentication => Add multi-factor authentication (MFA) |
2014-09-07 22:09 | marclaporte | Note Added: 0001293 | |
2015-01-20 23:38 | marclaporte | Note Added: 0001340 | |
2015-03-17 11:20 | marclaporte | Note Added: 0001395 | |
2015-04-20 11:37 | marclaporte | Relationship added | related to 0001831 |
2018-11-20 11:52 | user2 | Assigned To | => bchambers |
2018-11-20 11:52 | user2 | Status | confirmed => assigned |
2018-11-20 11:52 | user2 | Note Added: 0008671 | |
2018-11-20 11:52 | user2 | Status | assigned => resolved |
2018-11-20 11:52 | user2 | Resolution | open => fixed |
2018-11-20 11:52 | user2 | Status | resolved => closed |