Enforce 2FA for all users #285
Replies: 5 comments
-
not all users will have 2-Auth devices. "Requires 2-Auth. for every user" |
Beta Was this translation helpful? Give feedback.
-
When looking at this, it may be a good idea to also keep in mind similar things like:
Some of these will have similar UI, meaning an extra step after logging in. That’s why I’m mentioning these. |
Beta Was this translation helpful? Give feedback.
-
2FA should be able to be enforce by the admin of the system if they so choose, a user not having a 2FA device is no excuse, if they cannot get one or be trained to use one then they should not be allowed into the system. |
Beta Was this translation helpful? Give feedback.
-
This should be an option not a requirement. Sounds like a good one to add to the Policies section for server settings. This also protects the server somewhat from user with weak passwords. |
Beta Was this translation helpful? Give feedback.
-
I Don’t agree with end user enforcement.. the end user should have the choice, how they want to protect their server. BTCPay Server just needs a reminder of best security practices. For new users. |
Beta Was this translation helpful? Give feedback.
-
It would be great if admin could enforce 2-Auth for all users. So after user login he must setup 2-Auth. that he can use site.
"Requires 2-Auth. for every user"
Beta Was this translation helpful? Give feedback.
All reactions