Usage of MFA

Hey their,
I would love to have the possibility to use MFA for account security with
Am I the only one that would like to have this option or are their more people that would value their Account security in that way.

GH Issue

While in theory I am supportive of 2fa everywhere, I don’t think anyone is so attached to their ogs profile to be worried about someone hacking in…


but I think more about Go Organisations that maybe want to enforce that a certain account is held by a certain player and have a form of Security that way.


But the Organisation neither has a way of knowing if the user has MFO enabled, nor do this give them any certification of the account owner in the first place.

1 Like

Your github issue suggesting pairing ogs with keybase has merit to this end… But I fail to see how mfa can achieve this goal

Maybe an optional added Restriction on Groups that members need to have MFA activated.

That still wouldn’t accomplish anything. Mfa adds an extra layer of certainty that the person who created the account is the same person currently logged in, but does absolutely nothing to add any extra certainty that that person is any given real world identity.

That certainty would only reached by Getting the Ogs Username from the person In Real Live and seeing them Log In or by trusting another service like Keybase.

FWIW, I worked on a project/startup to introduce a trust scheme for internet identities.

We didn’t get it off the ground though :frowning:

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.