Request for Two Factor Authentication / 2FA / TFA
When do you plan to support two factor authentication / 2FA / TFA for accounts?
This is a practically cost-less feature for you to add. If you use something like TOTP (Google Authenticator compatible), there are no SMS / email costs to you to implement it. TOTP is open and there are numerous open source libraries to make this easy (like https://bitbucket.org/devinmartin/otp-sharp/src/default/). And your clients probably already have Google Authenticator installed, so it's not like it will need a lot of explaining.
Email notifications for account logins (and where from) would also be a great and inexpensive addition.
Any timeline for these practically essential security features would be appreciated.
I second Chris' idea - any additional layer of security is icing on the cake from my POV as a DPO.1
This request is three years old now.. any update on this?0
Please sign in to leave a comment.