  1. Blesta Core
  2. CORE-514

Client Login: Add two factor authentication

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.0.b3
    • Fix Version/s: 3.4.0-b1
    • Component/s: Client Interface
    • Labels:
      None

      Description

      Add two factor authentication for clients.

      This should be simplified. Perhaps only offer TOTP as an option, with QR code displayed.

          Activity

          admin Paul Phillips added a comment - - edited

          This should also work with contact logins CORE-627

          admin Paul Phillips added a comment -

          Needs a new task


          Under the client "Edit My Information" page, break the following sections down into tabs.

          • Contact Information
          • Billing Information (client only)
          • Additional Settings (client only)
          • Authentication (change password and setup/disable 2FA)

          2FA will then be configurable under the "Authentication" tab.

          admin Paul Phillips added a comment -

          Admin users need to be able to disable 2FA for clients and contacts. If a client/contact loses their key, disabling it will allow them to log in and set it up again.

          Admins should not be able to see the 2FA key, only turn it off if it has been set up.

          tyson Tyson Phillips (Inactive) added a comment -

          When saving the auth password for the first time, it's easy to get confused when receiving the error "Invalid password."

          That error may need to be more specific. Although the OTP password was correct, the user needs to also enter their current account password before the changes can be saved, hence the "Invalid password" error.

          cody Cody Phillips (Inactive) added a comment -

          When saving the auth password for the first time, it's easy to get confused when receiving the error "Invalid password."

          That error may need to be more specific. Although the OTP password was correct, the user needs to also enter their current account password before the changes can be saved, hence the "Invalid password" error.

          Any improvements I think should be added as new tasks.


            People

            • Assignee:
              cody Cody Phillips (Inactive)
              Reporter:
              cody Cody Phillips (Inactive)
            • Votes:
              0
              Watchers:
              3

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                12/Dec/14
