Add "2FA" secondary password with role for management

Question

Add "2FA" secondary password with role for management

amoose opened this issue 10 years ago · comments

Amos commented 10 years ago

Pseudo-two factor authentication via a 'master password' with custom role for management.

Noah Kunin commented 10 years ago

Ty!

Amos · Answer 1 · Tue Apr 29 2014 04:31:39 GMT+0800 (China Standard Time)

Acceptance:

master password challenge at login
new role 'key_master'
master password only editable by 'key_master'

Noah Kunin · Answer 2 · Tue Apr 29 2014 04:33:05 GMT+0800 (China Standard Time)

Looks good.

Noah Kunin · Answer 3 · Tue May 06 2014 00:49:36 GMT+0800 (China Standard Time)

Circling back on this one.

Amos · Answer 4 · Wed May 07 2014 02:38:43 GMT+0800 (China Standard Time)

@NoahKunin can we test this on staging?
http://brutus.staging.gsa.io
Log in, I will promote your user, and then you can enable 2FA.

Noah Kunin · Answer 5 · Wed May 07 2014 03:05:33 GMT+0800 (China Standard Time)

Alright, I'm in!

On Tue, May 6, 2014 at 2:38 PM, amoose notifications@github.com wrote:

@NoahKunin https://github.com/NoahKunin can we test this on staging?
http://brutus.staging.gsa.io
Log in, I will promote your user, and then you can enable 2FA.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/37#issuecomment-42341641
.

Noah Kunin - Delivery Architect
@NoahKunin http://twitter.com/noahkunin | @18F https://twitter.com/18F

Amos · Answer 6 · Wed May 07 2014 03:08:13 GMT+0800 (China Standard Time)

Promoted! You will see a 2FA link in the menu bar now. Currently, the active flag is set to false. Choose 'edit' to set to Active and set the password.

Noah Kunin · Answer 7 · Wed May 07 2014 03:58:58 GMT+0800 (China Standard Time)

Saving the new password generated an error.

We're sorry, but something went wrong.

If you are the application owner check the logs for more information.

On Tue, May 6, 2014 at 3:08 PM, amoose notifications@github.com wrote:

Promoted! You will see a 2FA link in the menu bar now. Currently, the
active flag is set to false. Choose 'edit' to set to Active and set the
password.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/37#issuecomment-42345277
.

Noah Kunin - Delivery Architect
@NoahKunin http://twitter.com/noahkunin | @18F https://twitter.com/18F

Noah Kunin · Answer 8 · Wed May 07 2014 05:48:13 GMT+0800 (China Standard Time)

Working now! What is the complexity requirement?

On Tue, May 6, 2014 at 3:58 PM, Noah Kunin - Q0B noah.kunin@gsa.gov wrote:

Saving the new password generated an error.

We're sorry, but something went wrong.

If you are the application owner check the logs for more information.

On Tue, May 6, 2014 at 3:08 PM, amoose notifications@github.com wrote:

Promoted! You will see a 2FA link in the menu bar now. Currently, the
active flag is set to false. Choose 'edit' to set to Active and set the
password.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/37#issuecomment-42345277
.

Noah Kunin - Delivery Architect
@NoahKunin http://twitter.com/noahkunin | @18F https://twitter.com/18F

Noah Kunin - Delivery Architect
@NoahKunin http://twitter.com/noahkunin | @18F https://twitter.com/18F

Noah Kunin · Answer 9 · Wed May 07 2014 06:44:08 GMT+0800 (China Standard Time)

Still curious on the complexity requirement, but just came in via fresh on an incognito window and it works! Closing, thank you!

Amos · Answer 10 · Wed May 07 2014 07:44:36 GMT+0800 (China Standard Time)

Currently, the complexity requirement is only minimum 8 characters. Let me know if it needs adjusting.

I pushed up a fix after your last comment, thanks for checking!

Noah Kunin · Answer 11 · Wed May 07 2014 09:40:41 GMT+0800 (China Standard Time)

That's fine. I'm going to be using a much more complex password than 8 chars. 🔒