mathesar icon indicating copy to clipboard operation
mathesar copied to clipboard

Published 20 hours ago verified publisher icon mathesar-foundation

Two factor authentication

Open danielrosehill opened this issue 9 months ago • 2 comments

Feel like this is really a must for any web-accessible solution that's providing a backend to potentially lots of sensitive data.

I have mine behind Cloudflare Access, but I think if 2FA were implementable I'd feel comfortable having it a bit more exposed - which would in turn make it a lot easier to collaborate on management.

danielrosehill avatar May 08 '24 22:05 danielrosehill

Thanks for this suggestion, @danielrosehill. I agree that 2FA would add significant value to the product.

Out of curiosity, what is your personal preference around the type of 2FA. Most apps use SMS-based 2FA, which I personally don't like. I prefer authenticator-app-based 2FA, but I know it can sometimes be a barrier for less technically-inclined users who don't want to install an additional app. Then there are other things like FIDO and WebAuthn/Passkeys. If you have any opinions about these approaches, we'd love to hear them!

seancolsen avatar May 09 '24 17:05 seancolsen

Authenticator and/or biometric a la 1PW, stripe, etc.

dselfie avatar May 11 '24 02:05 dselfie