This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/members-discuss@ripe.net/
[members-discuss] two-factor authentication mandatory
- Previous message (by thread): [members-discuss] two-factor authentication mandatory
- Next message (by thread): [members-discuss] two-factor authentication mandatory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Randy Bush
randy at psg.com
Thu Jan 11 17:10:54 CET 2024
> I agree completely with the use of 2FA and do agree with the spirit of > this being mandatory. However the current state of RIPE NCC MFA is not > suitable to be made mandatory. Namely the TOTP requires a phone (sms) > or TOTP App. I would like to see support for FIDO2 keys, if this is > not possible OTP via email would be a compromise. right now, totp works. make it mandatory and we have raised the bar seriously. i agree that webauth with fido2 would be nice. it will take too long, and could be costly in this time of tightening budgets. so i will be patient. email or sms are really bad ideas for widely known security reasons. randy
- Previous message (by thread): [members-discuss] two-factor authentication mandatory
- Next message (by thread): [members-discuss] two-factor authentication mandatory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]