Comments (4)
Thanks for the update / context. We're having the described problem / behaviour with a merchant on Magento v2.3.6-p1. I'll let them know that the experience is different with v2.4.0+. We're likely to need something in the short term while the 2.4 upgrade is in progress; I'll have a look at the linked pull request for inspiration on what can/shouldn't be changed locally.
from security-package.
Thank you for opening this issue! I am closing this along with others due to 2fa currently undergoing a very large internal rewrite/refactor this change will not be needed in the new version.
from security-package.
@nathanjosiah Please can you provide a link to the work that you've suggested was underway last year? We have exactly the problem described in this issue. What's the timeline for the work you've mentioned? Would you be willing to accept a pull request that solves this problem in the meantime?
from security-package.
Hello @fredden The work can be seen in #230. The security package 1.0.0 version that released alongside magento 2.4.0 came with a huge refactor/rewrite of 2fa. The merchant is able to configure which 2fa methods are enabled and the admins have to configure each of them. However, once they are configured the user may choose which one they want to use. We do allow the user to bypass configuration of methods as long as there is at least one method configured. But this is mainly to support workflows where a merchant may require multiple methods but the user is temporarily only able to configure one of them (for example if they do not yet have the company issued U2F physical key).
from security-package.
Related Issues (20)
- Mark interfaces and blocks as API HOT 6
- Newly created admin users are unable to pass Two-Factor Authentication HOT 4
- Not able to use captcha multiple times in same page HOT 7
- Admin user 2FA provider preference not saving HOT 12
- Unable to Plugin to \Magento\TwoFactorAuth\Observer\ControllerActionPredispatch HOT 4
- Remove 2FA Force Provider "Use system value" checkbox HOT 3
- Disable 2fa auth for specifi user HOT 2
- ReCaptcha checkout config provider name conflicts with Braintree HOT 6
- Authy Remember Me Option HOT 1
- Errors with bulk API when ReCaptchaWebapiRest is enabled HOT 8
- test HOT 5
- Publish a new release of TwoFactorAuth extension HOT 2
- I have got an issue on admin frequently "You cannot proceed with such operation, your reCaptcha reputation is too low. HOT 6
- Duplicate reCAPTCHA validation breaks checkout success redirect after initial server error response HOT 6
- Wrong version in 1.1.3-p1 metapackage composer.json HOT 4
- Missing LESS guards create duplicate CSS HOT 6
- The Magento works with Google reCaptcha v3 incorrectly. HOT 3
- reCaptcha JS recaptcha_en.js is added multiple times to head HOT 4
- Replace autocomplete="off" with autocomplete="one-time-code" on auth HOT 1
- reCapcha loading reflects to page speed HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from security-package.