Global Setting for 2FA Requirement
Considering your portal grants access to all of our monitored systems, we should have the ability to enable (something like an on/off switch) 2FA on a global level. This would mean any current users and/or new users cannot log into the portal until the configure and set up 2FA. As of today, it's a user's choice. The administrators should be able to make this a requirement.
Comments: 3
-
01 Feb, '21
Willem van ZylI second this. The end user will mostly disable this and to keep security in a good standing order the Administrator must be able to enforce this for all users.
-
14 Feb, '21
Johnny JAbility to force it for users, scope or group of individual, but also setting to exclude specific users e.g. central/emergency backdoor admin
In reference:
https://pulseway.featureupvote.com/suggestions/159164/2factor-remember-login-on-secured-device-30-days -
18 Feb, '21
Marius Mihalec AdminIn the Web Application -> Server Admin -> Settings -> Security Tab, select the "Enforce 2FA for all accounts" option.