Project

General

Profile

Actions

Feature #35439

closed

Option to require 2FA only for users with administration rights

Added by Marius BĂLTEANU over 3 years ago. Updated almost 3 years ago.

Status:
Closed
Priority:
Normal
Category:
Accounts / authentication
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed

Description

#31920 adds the option to enable 2FA only for certain groups when the 2FA setting is set to optional. This is very useful, but it doesn't cover the case when you want to enable 2FA only for administrators. As a best security practice, if you cannot enforce for all users, the administrators should be top priority to secure using 2FA.

My proposal is to add a new setting to allow enforcing 2FA only for administrators:

What do you think?


Files


Related issues

Related to Redmine - Feature #1237: Add support for two-factor authenticationClosedGo MAEDA2008-05-14

Actions
Related to Redmine - Feature #34070: Allow setting a grace period when forcing 2FANewMarius BĂLTEANU

Actions
Related to Redmine - Feature #31920: Require 2FA only for certain user groupsClosedMarius BĂLTEANU

Actions
Actions

Also available in: Atom PDF