update docs

docs/gitlab/group/group_allows_excessive_mfa_grace_period.md

@@ -0,0 +1,30 @@
+---
+layout: default
+title: Two-Factor Authentication Grace Period Should Not Be Longer Than One Week
+parent: Group Policies
+grand_parent: GitLab Policies
+---
+
+
+## Two-Factor Authentication Grace Period Should Not Be Longer Than One Week
+policy name: group_allows_excessive_mfa_grace_period
+
+severity: MEDIUM
+
+### Description
+New members added to your group are allowed longer than a week to enable MFA. The time frame should be lowered to one week or less.
+
+### Threat Example(s)
+Any new group membmer effectivly acts as an attack surface until two-factor authentication is enabled. The risk is compounded as new members may be more vulnerable to phising and identity theft attacks.
+
+
+
+### Remediation
+1. Go to the group page
+2. Press Settings -> General
+3. Expand "Permissions and group features"
+4. In the box titled: "Delay 2FA enforcement (hours)", enter a number under 168 (preferably 0)
+5. Press "Save Changes"
+
+
+

docs/index.md

@@ -21,4 +21,4 @@ Supporting:
 And More to come...
 
 ---
-> ℹ️ **NOTE:** This webpage describes only the policies that Legitify supports. To learn more about how to use the cli tool, or contribute the source code, visit [Legitify's GitHub page](https://github.com/Legit-Labs/legitify).
+> ℹ️ **NOTE:** This webpage describes only the policies which Legitify supports. To learn more about how to use the cli tool, or contribute the source code, visit [Legitify's GitHub page](https://github.com/Legit-Labs/legitify).