New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow enforcing 2FA only if current admin has 2FA enabled #12269
Comments
well... sure it would be a nice enhancement. But personally I do not have trust in an admin that would not understand that if you enforce this that you yourself of all people should have it enabled 🙊 |
Me neither, but apparently some people have already run into this: #12249 🙈 |
I recommend the status of this ticket be bumped up from low to at least medium. Snap just pushed out new versions for everyone two days ago and it disabled all 2FA methods on upgrade. |
I don't see how this check/warning would help with that issue. If 2FA providers disappear (disabled, fail to load) we have to still enforce 2FA because this might otherwise open doors for attackers. The real issue here is that the apps got disabled for some reason. This has to be addressed instead. |
I think #11102 is the ticket where we're discussing that ;) |
This was brought up in #12249.
Without this, an admin that does not read the warnings will lock themselves out.
The text was updated successfully, but these errors were encountered: