improve the OTP experience

[roudger]

Using One Time Password to login seems mandatory for sufficient security.

But when you have to connect 15 times a day, it's tedious ...

It would be very convenient to be able to authorize the connection without OTP for x minutes or hours after a first connection on the same browser, as can be seen in most web applications that use OTP.

Thank you

[roudger]

it might be interesting to have an option to force all users to use 2-factor authentication for more security.
Thank you for this wonderful job!

[nuxsmin]

Hello, sorry for the late reply...

I agree with you, the "reminder" feature will be implemented in next releases. The other one, I'll try to find out a solution in order to force users to use this kind of authentication. Be aware that the plugin architecture is loosely coupled with sysPass code base, because it depends on events to run the plugin's tasks, so is not easy to "force" users to enable this behavior.

Thanks for the feedback!

[roudger]

Hello,
Very good news !
Good luck to find a solution and many thanks

[IcebergTitanic]

Not sure if it is possible, but perhaps it would be helpful to allow for a different assignment of profile based on whether 2FA is enabled or not? Especially if it could be (optionally) automatic.

So for example, initial login for a user gives a non-privileged profile, but upon enabling 2FA successfully, the profile can be upgraded to a more privileged profile. And then if the user disables 2FA then it should automatically revert to the unprivileged profile. I know that sounds pretty involved, but it would really help this be really useful IMHO.

[roudger]

Hi,
Another small improvement: it would be useful if the password field was activated (focus) by default in order to avoid an additional click