rember 2FA when remember logging in #352
Comments
|
I think that this is not secure! The 2FA protects from unwanted logins from your personal device too (such as a login from a coworker, a family member, ...) |
|
Well, never seen a website do it like this. Like Laravel Vapor, GitLab, Home Assistant. If you click "keep me logged in" it will never ask the 2FA again until you manually logout. |
|
Asking for 2FA Code when login with "remember me" is weird. Never used a service acting like this. If you don't trust your cookie remember token you can logout other devices yourself. |
|
Also, a lot of services have an option "trust this device" when entering the 2FA code so it doesn't ask it again. Even when you logout. |
|
+1 "Trust this device" option should be available. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When you remember your login and the session expires, it asks for the 2FA code again.
I don't want to enter the 2FA code again if I have enabled the remember me at login.
The text was updated successfully, but these errors were encountered: