Alternative two factor login (eg Authenticator app or SMS Text Message)

20
3 years agoreviewed6
Organisations Motivation (why we need this feature): Ensure users are able to logon if/when their email servers are holding emails for longer than 5 minutes without opening the door to bad actors accessing users accounts with credentials gained via phishing or other means. Security and privacy is of growing importance to the eToolLCD user base so eToolLCD must assist in ensuring user's accounts are secure. , Which regions need the feature?: Global, Which projects types does the feature support?: Buildings, Infrastructure, Fit Outs, Landscaping, Which ratings systems require the feature?: Not rating system specific.,

As a user, sometimes my email takes longer than 5 minutes to arrive so I would like to receive the pin via text message instead.

6 Comments

  1. Sam4167

    Any chance for the option to opt out of two factor authentication? Or mark a device as safe? Find the pin process for every time I log in a little annoying, and feel a single level password would be fine

  2. Jonathan3156

    I find if I open another window the pin comes through the second time straight away normally. A client has advised this is still an issue, not sure if its been logged further?

  3. Thomas4447

    Would very much like to see this feature – lots of issues with the temp pin not coming through before the countdown on exchange servers.

  4. Richard Haynes

    Good thinking Fei! Well, we are putting some work around in place for the (very small) number of people this is affecting. Last count 800 successful logins and three people not receiving the email on time. I initially thought text message was the way to go but have doubts after reading this: https://dzone.com/articles/enabling-two-factor-authentication-for-your-web-ap

    We might go for google Authenticator https://dzone.com/articles/enabling-two-factor-authentication-for-your-web-ap

    1. Fei Ngeow

      Yeah I think google authenticator would be a great alternative! If you went with Google Authenticator, would you do away with the 5 min timer you think?

Leave A Comment?

You must be logged in to post a comment.