
Design MFA workflow configuration in settings #1208

@teon (Contributor)

In order to support MultiFactor (more than one at the same time) authentication methods, we need a screen/configuration module in settings for the administrator to configure the "chain" of MFA methods.

The screen will by default show the information:

Currently, two-factor authentication is enabled. This means that if a user has any MFA methods enabled (TOTP, Email, or Hardware Key), they can choose which method to use as the second factor after logging in with their username and password.

You can change this behavior by configuring a specific authentication flow. This allows you to require users to authenticate using designated methods in a defined order, enabling true Multi-Factor Authentication.

For example, you can configure the system so that in the first step, a user must use email codes, followed by TOTP or authenticator codes in the next step.

Note: If you define only one specific authentication method, users will be required to use that method exclusively. Other configured methods—though still present in their account—will not be available during the authentication process.

and then an editor defining the chain of MFA methods.

Activity

- added the issue type on Jun 4, 2025
- moved this to Refined & Ready in Backlog & Roadmap on Jun 4, 2025
- moved this from Refined & Ready to Analysis in Backlog & Roadmap on Jun 5, 2025
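
The chain semantics described in the issue, sketched as an added example (not DefGuard's code and not part of the issue). All type and function names are hypothetical, and denying the login when a user has no enrolled method for a required step is an assumption, since the issue does not specify that case.

```rust
use std::collections::HashSet;

#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub enum MfaMethod { Totp, Email, HardwareKey }

// Fixed presentation order used in the default (unconfigured) mode.
const ALL: [MfaMethod; 3] = [MfaMethod::Totp, MfaMethod::Email, MfaMethod::HardwareKey];

/// One step of the chain: passing any one of the listed methods completes it.
pub type Step = Vec<MfaMethod>;

#[derive(Debug, PartialEq)]
pub enum Next {
    /// Offer these methods for the step with this index.
    Challenge { step: usize, allowed: Vec<MfaMethod> },
    /// No further factor is required.
    Complete,
    /// The user cannot satisfy a required step. Assumption: fail closed.
    Denied { step: usize },
}

// Methods offered by a step that the user has actually enrolled.
fn usable(offered: &[MfaMethod], enrolled: &HashSet<MfaMethod>) -> Vec<MfaMethod> {
    offered.iter().copied().filter(|m| enrolled.contains(m)).collect()
}

/// Decide what follows the password check. `passed` counts completed steps.
pub fn next_step(chain: &[Step], enrolled: &HashSet<MfaMethod>, passed: usize) -> Next {
    if chain.is_empty() {
        // Default 2FA: a single step in which the user picks any enrolled method.
        let allowed = usable(&ALL, enrolled);
        if passed >= 1 || allowed.is_empty() { return Next::Complete; }
        return Next::Challenge { step: 0, allowed };
    }
    let step = match chain.get(passed) { Some(s) => s, None => return Next::Complete };
    // Configured chain: methods outside the current step are never offered,
    // even if they are still enrolled on the account.
    let allowed = usable(step, enrolled);
    if allowed.is_empty() { Next::Denied { step: passed } } else { Next::Challenge { step: passed, allowed } }
}

fn main() {
    // Constructed sample: email codes first, then TOTP or a hardware key.
    let chain = vec![vec![MfaMethod::Email], vec![MfaMethod::Totp, MfaMethod::HardwareKey]];
    let user: HashSet<MfaMethod> = [MfaMethod::Email, MfaMethod::Totp].iter().copied().collect();
    for passed in 0..=2 { println!("{:?}", next_step(&chain, &user, passed)); }
}
```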

Design MFA workflow configuration in settings · Issue #1208 · DefGuard/defguard