Project

General

Profile

Actions

Feature #18032

open

2FA required on every log in/log out sequence

Added by Raffi Khatchadourian 11 months ago. Updated 11 months ago.

Status:
Hold
Priority name:
Normal
Assignee:
Category name:
Authentication
Target version:
Start date:
2023-04-13
Due date:
% Done:

0%

Estimated time:
Deployment actions:

Description

I have to enter an OTP each time I log out and log back in, even on the same browser. Shouldn't I only be required to enter the OTP when the machine ID changes (using a different or upgraded browser). Shouldn't the second factor only be used when the device is unrecognized?

Actions #1

Updated by Raymond Hoh 11 months ago

  • Tracker changed from Bug to Feature
  • Category name set to Authentication
  • Status changed from New to Hold
  • Assignee set to Raymond Hoh
  • Target version set to Future release

Hi Raffi,

The WordPress 2FA plugin that we currently use does not support remembering a trusted device yet. See https://github.com/WordPress/two-factor/issues/230.

Once this feature is available in the plugin, we can circle back to this.

Actions

Also available in: Atom PDF