[members-discuss] two-factor authentication mandatory
- Previous message (by thread): [members-discuss] two-factor authentication mandatory
- Next message (by thread): [members-discuss] two-factor authentication mandatory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Thu Jan 11 17:10:54 CET 2024
> I agree completely with the use of 2FA and do agree with the spirit of > this being mandatory. However the current state of RIPE NCC MFA is not > suitable to be made mandatory. Namely the TOTP requires a phone (sms) > or TOTP App. I would like to see support for FIDO2 keys, if this is > not possible OTP via email would be a compromise. right now, totp works. make it mandatory and we have raised the bar seriously. i agree that webauth with fido2 would be nice. it will take too long, and could be costly in this time of tightening budgets. so i will be patient. email or sms are really bad ideas for widely known security reasons. randy
- Previous message (by thread): [members-discuss] two-factor authentication mandatory
- Next message (by thread): [members-discuss] two-factor authentication mandatory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]