Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-79199

As an administrator, I want to be able to offer multi-factor authentication to users

    Details

    • Type: Feature Request
    • Status: Closed
    • Priority: Minor
    • Resolution: Implemented in Platform
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Application Security
    • Labels:
    • Priority Level:
      Low

      Description

      Background

      The FTC recently fined a company who was the victim of a credential stuffing attack. Although the company was a victim, the company is still liable because credential stuffing has become a foreseeable problem and the company did not do enough to prevent this problem.

      As summarized in the article:

      Nonetheless, if it wasn't clear before, it is after TaxSlayer: Companies that fail to consider the risks of credential stuffing, and to implement mitigating controls, do so at their peril. Companies that fail to use multi-factor authentication to protect sensitive data do so at their particular peril. The precise legal hook relied upon by privacy enforcers will always vary from case to case, but the enforcement community's commitment to these principles is here to stay.

      Credential stuffing is currently a huge issue and with rulings like this from the FTC, more and more organizations will need multi-factor authentication.

      Feature Request

      Liferay Portal should offer some sort of multi-factor authentication out of the box. The easiest options to offer are probably Email and TOTP (e.g., Google Authenticator)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              support-lep@liferay.com SE Support
              Reporter:
              samuel.kong Samuel Kong
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Packages

                  Version Package