Journalist 2FA setup should provide backup codes #2287
Comments
What about providing 3 backup code(s)? Or do we want more?
Good idea, @huertanix! In practice I've seen knowledgeable users document the 2FA TOTP seed value, to help recovery situations if a phone gets lost. That's not good practice, though, and it'd be better to issue recovery codes. @kushaldas Providing 3 backup codes is plenty—if a backup code is used, the first task should be to reset the 2FA. Documentation about how to safely store the backup codes will need to be clear. We've been training folks to stuff everything they need into KeePass within Tails, but that rubs against the grain of the purpose of 2FA a bit.
Here are a few questions for the design:
If we need to add a table (which it sounds like we would need unless there is something in
Yep, backup codes should be one time usable.
Backup codes are not part of the TOTP spec, so we will have to implement our own.
Noting that schema changes are easier now, so we can add a new table for backup codes as necessary. Some small amount of UX + Security research tbd before proceeding.
Feature request
Journalist 2FA setup should provide backup codes.
Description
Currently, the 2FA workflow for journalists does not include the generation of 2FA backup codes, which are important for all the use cases which backup codes are useful for. Some verbiage should also be included to instruct the user to save their backup codes in their (Tails workstation KeePassX?) password manager.
User Stories
As a journalist, I would like to have backup 2FA codes available (and instructions on where to safely keep them) so that I can log into SecureDrop after I upgrade to my cool phone to the new cool phone x and link up the new device with my account.
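The thread settles on three one-time backup codes stored in a new table of their own, separate from the TOTP seed. The sketch below is an added example, not SecureDrop code: it models that table as an in-memory store, keeps only a salted PBKDF2 hash of each code (so a database read does not reveal usable codes), and burns a code on first successful redemption. The 100,000-round stretch and the five-byte code length are assumptions chosen for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

BACKUP_CODE_COUNT = 3      # count proposed in the thread
PBKDF2_ROUNDS = 100_000    # assumed; slows offline guessing of 40-bit codes


@dataclass
class BackupCodeRow:
    """One row of the hypothetical backup_codes table: no plaintext kept."""
    salt: bytes
    digest: bytes
    used: bool = False


def normalize(code: str) -> str:
    """Canonical form: lowercase alphanumerics, so 'AB12C-D34EF' == 'ab12cd34ef'."""
    return "".join(ch for ch in code.lower() if ch.isalnum())


def _digest(canonical_code: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", canonical_code.encode(), salt, PBKDF2_ROUNDS)


@dataclass
class BackupCodeStore:
    rows: list = field(default_factory=list)

    def issue(self, count: int = BACKUP_CODE_COUNT) -> list:
        """Generate codes, persist only salted hashes, return plaintext exactly once."""
        shown_once = []
        for _ in range(count):
            raw = secrets.token_hex(5)            # 40 random bits, 10 hex chars
            code = f"{raw[:5]}-{raw[5:]}"         # displayed as ab12c-d34ef
            salt = secrets.token_bytes(16)
            self.rows.append(BackupCodeRow(salt, _digest(normalize(code), salt)))
            shown_once.append(code)
        return shown_once

    def redeem(self, candidate: str) -> bool:
        """True once for a valid unused code; False for reused or unknown codes."""
        canon = normalize(candidate)
        matched = None
        for row in self.rows:                     # scan every row, no early exit
            if not row.used and hmac.compare_digest(_digest(canon, row.salt), row.digest):
                matched = row
        if matched is None:
            return False
        matched.used = True                       # one-time use: mark consumed
        return True

    def remaining(self) -> int:
        return sum(1 for row in self.rows if not row.used)
```

A successful redemption is the point at which the thread says the journalist's TOTP should be reset, so the caller of `redeem` would trigger that flow rather than treating the backup code as a permanent second factor.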