[members-discuss] [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication

Hello,
as discussed previously, NCC Access here should implement not only 
(currently supported) TOPT method of 2FA, but also Webauthn should be 
supported. I think this should be implemented *before* we enforce 2FA on 
LIR portal.

And of course, (at least) login history should be integral part of 
portal. Optional (proactive) email notification about unsuccessfull 
logins will be also useful.

- Daniel

On 2/19/21 10:03 AM, Andy Saunders wrote:
> On 19/02/2021 08:37, Steffen Weinreich wrote:
>> Hi Ivo,
>>
>> Thanks for the heads up.
>>
>> It would be usefull if a LIR Admin user in the portal could see if "his"
>> users have the 2FA enabled. That way I could encourage my colleagues
>> without 2FA  to enable.
> In addition to this, please could we have an option to make 2FA logins
> mandatory for anyone logging into an organisation's LIR portal?
> 
> That way I don't have to keep checking that my staff have enabled 2FA
> 
> Many thanks,
> -- Andy Saunders, Network Development Manager IT Services, University of 
> Oxford 13 Banbury Road, Oxford, OX2 6NN 
> _______________________________________________ members-discuss mailing 
> list members-discuss at ripe.net 
> https://mailman.ripe.net/ Unsubscribe: 
> https://lists.ripe.net/mailman/options/members-discuss/danny%40danysek.cz
>