Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-514

Client Login: Add two factor authentication

        Details

        • Type: New Feature
        • Status: Closed
        • Priority: Major
        • Resolution: Fixed
        • Affects Version/s: 3.0.0.b3
        • Fix Version/s: 3.4.0-b1
        • Component/s: Client Interface
        • Labels:
          None

          Description

          Add two factor authentication for clients.

          This should be simplified. Perhaps only offer TOTP as an option, with QR code displayed.

            Issue Links

            is blocked by

            Improvement - An improvement or enhancement to an existing feature or task. CORE-1459 Add tabs to client/contact Edit My Info pages

            • Major - Major loss of function.
            • Closed

              Activity

              Ascending order - Click to sort in descending order
              cody Cody Phillips (Inactive) created issue -
              admin Paul Phillips made changes -
              Field Original Value New Value
              Fix Version/s 3.0.0.b5 [ 10209 ]
              Fix Version/s 3.0.0.b4 [ 10208 ]
              admin Paul Phillips made changes -
              Fix Version/s 3.0.0.b6 [ 10210 ]
              Fix Version/s 3.0.0.b5 [ 10209 ]
              admin Paul Phillips made changes -
              Fix Version/s 3.0.0.b7 [ 10211 ]
              Fix Version/s 3.0.0.b6 [ 10210 ]
              admin Paul Phillips made changes -
              Fix Version/s 3.0.0 [ 10000 ]
              Fix Version/s 3.0.0.b7 [ 10211 ]
              admin Paul Phillips made changes -
              Fix Version/s 3.0.1 [ 10212 ]
              Fix Version/s 3.0.0 [ 10000 ]
              admin Paul Phillips made changes -
              Fix Version/s 3.0.2 [ 10213 ]
              Fix Version/s 3.0.1 [ 10212 ]
              admin Paul Phillips made changes -
              Fix Version/s 3.0.3 [ 10214 ]
              Fix Version/s 3.0.2 [ 10213 ]
              admin Paul Phillips made changes -
              Fix Version/s 3.2.0 [ 10002 ]
              Fix Version/s 3.0.3 [ 10214 ]
              admin Paul Phillips made changes -
              Fix Version/s 3.4.0 [ 10400 ]
              Fix Version/s 3.2.0 [ 10002 ]
              Hide
              Permalink
              admin Paul Phillips added a comment - - edited

              This should also work with contact logins CORE-627

              Show
              admin Paul Phillips added a comment - - edited This should also work with contact logins CORE-627
              admin Paul Phillips made changes -
              Security Private [ 10000 ]
              admin Paul Phillips made changes -
              Sprint 3.4.0 Sprint 1 [ 3 ]
              admin Paul Phillips made changes -
              Rank Ranked lower
              cody Cody Phillips (Inactive) made changes -
              Story Points 5
              Hide
              Permalink
              admin Paul Phillips added a comment -

              Needs a new task


              Under the client "Edit My Information" page, break the following sections down into tabs.

              • Contact Information
              • Billing Information (client only)
              • Additional Settings (client only)
              • Authentication (change password and setup/disable 2FA)

              2FA will then be configurable under the "Authentication" tab.

              Show
              admin Paul Phillips added a comment - Needs a new task — Under the client "Edit My Information" page, break the following sections down into tabs. Contact Information Billing Information (client only) Additional Settings (client only) Authentication (change password and setup/disable 2FA) — 2FA will then be configurable under the "Authentication" tab.
              Hide
              Permalink
              admin Paul Phillips added a comment -

              Admin users need to be able to disable 2FA for clients and contacts. If a client/contact is loses their key, disabling it will allow them to log in and set it up again.

              Admins should not be able to see the 2FA key, only turn it off if it has been set up.

              Show
              admin Paul Phillips added a comment - Admin users need to be able to disable 2FA for clients and contacts. If a client/contact is loses their key, disabling it will allow them to log in and set it up again. Admins should not be able to see the 2FA key, only turn it off if it has been set up.
              cody Cody Phillips (Inactive) made changes -
              Link This issue is blocked by CORE-1459 [ CORE-1459 ]
              cody Cody Phillips (Inactive) made changes -
              Sprint 3.4.0 Sprint 1 [ 3 ] 3.4.0 Sprint 2 [ 4 ]
              cody Cody Phillips (Inactive) made changes -
              Rank Ranked higher
              cody Cody Phillips (Inactive) made changes -
              Rank Ranked higher
              cody Cody Phillips (Inactive) made changes -
              Sprint 3.4.0 Sprint 2 [ 4 ] 3.4.0 Sprint 3 [ 5 ]
              cody Cody Phillips (Inactive) made changes -
              Status Open [ 1 ] In Progress [ 3 ]
              cody Cody Phillips (Inactive) made changes -
              Status In Progress [ 3 ] Resolved [ 5 ]
              Resolution Fixed [ 1 ]
              Hide
              Permalink
              tyson Tyson Phillips (Inactive) added a comment -

              When saving the auth password for the first time, it's easy to get confused when receiving the error "Invalid password."

              That error may need to be more specific. Although the OTP password was correct, the user needs to also enter their current account password before the changes can be saved, hence the "Invalid password" error.

              Show
              tyson Tyson Phillips (Inactive) added a comment - When saving the auth password for the first time, it's easy to get confused when receiving the error "Invalid password." That error may need to be more specific. Although the OTP password was correct, the user needs to also enter their current account password before the changes can be saved, hence the "Invalid password" error.
              Hide
              Permalink
              cody Cody Phillips (Inactive) added a comment -

              When saving the auth password for the first time, it's easy to get confused when receiving the error "Invalid password."

              That error may need to be more specific. Although the OTP password was correct, the user needs to also enter their current account password before the changes can be saved, hence the "Invalid password" error.

              Any improvements I think should be added as new tasks.

              Show
              cody Cody Phillips (Inactive) added a comment - When saving the auth password for the first time, it's easy to get confused when receiving the error "Invalid password." That error may need to be more specific. Although the OTP password was correct, the user needs to also enter their current account password before the changes can be saved, hence the "Invalid password" error. Any improvements I think should be added as new tasks.
              tyson Tyson Phillips (Inactive) made changes -
              Status Resolved [ 5 ] Closed [ 6 ]

                People

                • Assignee:
                  cody Cody Phillips (Inactive)
                  Reporter:
                  cody Cody Phillips (Inactive)
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    12/Dec/14

                    Agile