Reduce the number of 2-f authorisations from trusted locations
Bug #1065428 reported by
Anthony Dillon
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Canonical SSO provider |
Confirmed
|
Wishlist
|
Unassigned | ||
Bug Description
Hello,
I realise this is an opinion but would it be possible for SSO to skip the 2F authentication when the request is from the Bluefin office.
Thank you,
Ant.
Revision history for this message
| Stuart Metcalfe (stuartmetcalfe) wrote | #1 |
| summary: |
- No 2F from within Bluefin office + Reduce the number of 2-f authorisations from trusted locations |
| Changed in canonical-identity-provider: | |
| status: | New → Confirmed |
| importance: | Undecided → Wishlist |
To post a comment you must log in.
Skipping it entirely wouldn't be an option - being connected from the Bluefin network doesn't guarantee you are who you say you are although it does make it more difficult to fake. However, we have considered whether we can reduce the number of 2-f authentications from specific networks to, perhaps, one-per day as long as the user hasn't accessed their account from elsewhere between requests. I'll change the title of this bug slightly to reflect that.