You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In order to enable or disable 2FA, a user should be required to input their password via a confirmation modal. This will prevent a user from accidentally enabling 2FA and not setting it up. Also, the user's password should be required to disable 2FA in order to prevent potential hijacking of an account.
My proposal is to have a similar flow as to logging out other sessions.
As always, feedback is welcome.
The text was updated successfully, but these errors were encountered:
In order to enable or disable 2FA, a user should be required to input their password via a confirmation modal. This will prevent a user from accidentally enabling 2FA and not setting it up. Also, the user's password should be required to disable 2FA in order to prevent potential hijacking of an account.
My proposal is to have a similar flow as to logging out other sessions.
As always, feedback is welcome.
The text was updated successfully, but these errors were encountered: