Ore icon indicating copy to clipboard operation
Ore copied to clipboard

Published 20 hours ago verified publisher icon SpongePowered

Allow organizations to require 2fa

Open Aaron1011 opened this issue 6 years ago • 2 comments

GitHub has a feature where organizations can require that all members have 2fa enabled for their respective accounts. It would be nice if Ore provided a similar feature for interested organizations.

Aaron1011 avatar Apr 25 '18 20:04 Aaron1011

We can implement this in two ways:

  1. Don't allow the user to join the organization if it requires 2FA and they don't have 2FA.
  2. Let them join but don't allow them to do anything.

The second option would be harder to implement, and not checking every error could lead to a security issue, so I think the first option is the route we should go.

I'm scheduling this for v2.1 as I believe it won't be needed until then. Shout any objections.

phase avatar Apr 26 '18 05:04 phase

https://github.com/SpongePowered/SpongeAuth/issues/183 will complicate this somewhat.

Aaron1011 avatar Jul 12 '18 23:07 Aaron1011