Silla.IO icon indicating copy to clipboard operation
Silla.IO copied to clipboard

Published 20 hours ago verified publisher icon WeAreAthlon

Two-step Verification

Open sandio opened this issue 10 years ago • 0 comments

Introduce a more secure way to access the Admin, as this could sometimes be critical.

This should work as an option per user and not system-wide. For example, Admin accounts use two-step verification, whereas moderators log in normally.

Two-step verification can be achieved though:

  • after logging in with a password a verification code is sent as a text message,
  • after logging in with a password a verification code is sent to an app we build,
  • QR or similar codes are used to identify a unique device owned by the account holder (e.g. personal smartphone). Pins or passwords can be used together with the QR code.

Two leading two-step verification methods used by Google and Verizon: http://www.verizonenterprise.com/news/2014/08/security-qr-code-encryption-login http://www.google.com/landing/2step/

sandio avatar Jan 12 '15 15:01 sandio