Project

General

Profile

Actions

Feature #34070

open

Allow setting a grace period when forcing 2FA

Added by Marius BĂLTEANU about 4 years ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Category:
Accounts / authentication
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:

Description

On top of #31920 and #35439 which will allow to enable 2FA for certain groups or for administrators, we should add an option in admin to configure a grace period until the 2FA enforcement applies to all users.

In the grace period, the user should be redirected to the 2FA activation page after each successful login and informed about the enforcement, but with the option to skip the activation until enforcement date.

From my point of view, the simplest way is to add a new setting "Enforcement starting from" where the admin can choose the date.

Also, for new registered users, a similar grace period should be configurable, but in number of days.

Any feedback is welcome.

@Plan.io team, I have added you as watchers because the current implementation was provided by you and your feedback is important on all those issues related to 2FA.


Files


Related issues

Related to Redmine - Feature #1237: Add support for two-factor authenticationClosedGo MAEDA2008-05-14

Actions
Related to Redmine - Feature #35086: Please consider changing the way how 2FA is set upClosed

Actions
Related to Redmine - Feature #35439: Option to require 2FA only for users with administration rightsClosedMarius BĂLTEANU

Actions
Actions

Also available in: Atom PDF