2FA via TOTP / RFC 6238 is available to all accounts and is enforced for all administrative accounts


Status: APPROVED
Changes: 3
Source: link
Author: NeurohrByteS Lv. 4


Time-based one-time passwords (TOTP) is available for all users, as can be seen in the login screen. The enforcement is documented under "Usage" in the privacy policy: `Our employees can access your data via access controlled, two-factor authenticated, portal interfaces.` Internal information (since I'm the developer): Administrative accounts are required to enable 2FA before they are allowed to access other user's data (invoices, support desk tickets, etc.)


Comments:
No comments found


We track editorial changes to analyses and updates to a point's status and display the previous versions here as part of an effort to promote transparency regarding our curation process.

Version 3: 2023-06-30 18:29:04 UTC by AgnesDeLion 20760 Lv. 91
Analysis updated

Previous Status: PENDING

Updated Status: APPROVED

Version 2: 2023-06-21 18:23:16 UTC by NeurohrByteS 20647 Lv. 4
Analysis updated

Previous Analysis: Time-based one-time passwords (TOTP) is available for all users, as can be seen in the login screen. Internal information (since I'm the developer): Administrative accounts are required to enable 2FA before they are allowed to access other user's data (invoices, support desk tickets, etc.)

Updated Analysis: Time-based one-time passwords (TOTP) is available for all users, as can be seen in the login screen. The enforcement is documented under "Usage" in the privacy policy: `Our employees can access your data via access controlled, two-factor authenticated, portal interfaces.` Internal information (since I'm the developer): Administrative accounts are required to enable 2FA before they are allowed to access other user's data (invoices, support desk tickets, etc.)

Version 1: 2023-06-21 18:15:29 UTC by NeurohrByteS 20647 Lv. 4
Analysis created

Title: 2FA via TOTP / RFC 6238 is available to all accounts and is enforced for all administrative accounts

Analysis: Time-based one-time passwords (TOTP) is available for all users, as can be seen in the login screen. Internal information (since I'm the developer): Administrative accounts are required to enable 2FA before they are allowed to access other user's data (invoices, support desk tickets, etc.)

Status: PENDING