Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Design: Email OTP instead of JWT and add Recovery Codes #3801

Closed
james-d-elliott opened this issue Aug 7, 2022 · 1 comment · Fixed by #6332
Closed

Design: Email OTP instead of JWT and add Recovery Codes #3801

james-d-elliott opened this issue Aug 7, 2022 · 1 comment · Fixed by #6332
Labels
area/email Email related features/bugs type/feature Request for adding a new feature
Milestone
v4.38.0

Comments

@james-d-elliott
Copy link
Member

james-d-elliott commented Aug 7, 2022
edited

Feature Request

Description

Critical: #135

Design a identity verification procedure absent the JWT which:

  1. Uses a one-time password which is sent to a user. Password reset links don't work when Outlook "safe links" are enabled #2994
  2. Allows administrators to configure a initial timeout (i.e. a timeout of when it must be used by). Reset password expiration #3569
  3. Allows a duration of session elevation which the administrator can configure both a an inactivity (i.e. when no privileged actions were completed within that time-frame) and hard timeout (i.e. if the elevation occurred at x, and the admin configures y, if the time is past x + y then it's timed out regardless of the inactivity) for.
  4. Allow admins to configure what these codes are able to do:
    1. Use as a 2FA option. 2FA : Send verifications codes to mail ? #2035
    2. Register first 2FA option. Add recovery code #1319 and partially Security of 2FA enrollment process may be improved. #135
    3. Register any 2FA option (current).
  5. Ensure we generate recovery codes for a user which can be used to override 4.2's restriction. Add recovery code #1319

Use Case

N/A
@james-d-elliott james-d-elliott added the type/feature Request for adding a new feature label Aug 7, 2022
This was referenced Aug 7, 2022
Closed
Closed
Closed
@james-d-elliott james-d-elliott changed the title Design: Email OTP instead of JWT Design: Email OTP instead of JWT and add Recovery Codes Aug 7, 2022
This was referenced Aug 7, 2022
Closed
Closed
@james-d-elliott james-d-elliott added the area/email Email related features/bugs label Aug 7, 2022
@smkent smkent mentioned this issue Nov 12, 2022
Closed
14 tasks
@james-d-elliott james-d-elliott mentioned this issue Apr 10, 2023
Closed
james-d-elliott added a commit that referenced this issue Oct 24, 2023
@james-d-elliott
feat: one-time codes for identity verification
aa5cd9b 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
@james-d-elliott james-d-elliott added this to the v4.38.0 milestone Oct 26, 2023
james-d-elliott added a commit that referenced this issue Oct 27, 2023
@james-d-elliott
feat: one-time codes for identity verification
5c9154c 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Oct 28, 2023
@james-d-elliott
feat: one-time codes for identity verification
a58722a 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Oct 28, 2023
@james-d-elliott
feat: one-time codes for identity verification
ac22c33 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Oct 28, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
a82ecf1 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Oct 28, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
2fb157f 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Oct 28, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
00135b9 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Oct 29, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
a005c12 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Oct 29, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
ffd1ad8 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Oct 30, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
399231e 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 4, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
211aba5 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 11, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
de1c1ad 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 12, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
6a19e1e 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 14, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
872b211 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 17, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
03ef2cf 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 18, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
5099718 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 18, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
d259daf 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 20, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
92c833f 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Nov 20, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
e570cdc 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 5, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
3fc917e 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 6, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
3437570 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 7, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
a1e97ff 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 11, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
d6e5524 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 12, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
b868b17 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 16, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
27162f6 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 17, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
2debd62 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 20, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
00bc2c4 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 23, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
4dde4f1 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 24, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
ef53cd0 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 24, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
091e40f 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 25, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
8467e36 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 25, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
a740790 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 26, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
3f4e6cb 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 27, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
4c7f946 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 29, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
06769ee 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 29, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
a910c10 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Dec 31, 2023
@james-d-elliott
feat(web): one-time codes for identity verification
44d51d9 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Jan 1, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
a368652 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Jan 13, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
08ce68d 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Jan 20, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
2eb6b4e 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Feb 18, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
292fa47 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Feb 18, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
c751aec 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Feb 19, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
e42c68a 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Mar 1, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
60fa8e0 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Mar 2, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
2e2891d 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Mar 4, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
a9bac79 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
james-d-elliott added a commit that referenced this issue Mar 4, 2024
@james-d-elliott
feat(web): one-time codes for identity verification
e618cf3 
This replaces the JWT method for Identity Verification for most elements with a One-Time Code which has a controllable lifetime. These codes elevate the session for a duration, are less likely to be accidentally clicked, can be revoked, and generally a better experience for users. Users will be able to copy the codes directly from the email or manually type them. This improves the process as the user is very unlikely to input the code into the wrong window, and can't open it in the wrong browser. In addition the process prevents accidental clicking from causing issues.

Closes #3801

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
@james-d-elliott james-d-elliott mentioned this issue Mar 4, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/email Email related features/bugs type/feature Request for adding a new feature
Projects
None yet
Milestone
v4.38.0
Development

Successfully merging a pull request may close this issue.

merge: v4.38 authelia/authelia
2 participants
@zorino @james-d-elliott