Once the browser is 'trusted' iFindStuff can log into the Apple Id in the normal way unless there is a requirement to verify again at which point the 'Part 1' process will need to be re run and the plugin disabled until this is competedįrom a user perspective that would mean a couple of extra steps to get iFindStuff working. Once done - the user is only required to use the normal Apple Id and Password for future logins until they fully sign out, their password changes or after a set period from Apple (currently 2 months) The code is sent and then the user enters it to trust the browser for future logins The plugin uses a faux browser which isn't the one that you'd normally use on your system.Ī user needs to be able to select 'trusted' device for the verification code The plugin would have to recognise that 2FA is turned on and that a user hasn't authorised the plugin to login (e.g. If a 2FA requirement is detected then the 'browser' that iFindStuff uses needs to be verified. If 2FA is used on an Apple Account then the user will have to 'trust' the browser on the device that the Indigo Server is running onįor me that indicates the following use case: The login is then authenticated and the verification isn't required again for approximately 2 months The user then signs into the 'new' device with a password and the 6 digit verification code When a user signs into a 'new' device a verification code can be requested which is sent to a 'trusted' device selected by the user It depends on creating 'trusted devices' (e.g. One of the features that's been requested is the ability to use two factor authentication (2FA)įrom what I can understand this was introduced in IOS 9/El Capitan as more secure login technique and I want to check to see if users who want this feature understand and can help me define the use case.ĢFA is an optional feature that a user can switch on or off
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |