epic #11648 Multi-Factor Authentication

story #14024 be able to recover my account when I have lost my TOTP device

Artifact

Summary

As a

user

I want to *

be able to recover my account when I have lost my TOTP device

So that

I can recover access to my account when I have lost my TOTP device.

Acceptance criteria

When the user enroll itself, the possibility is given to download 10 recovery codes.

* A recovery code can be used instead of a TOTP code during the login process
* Each recovery code can be used only once
* There is a view in the account preferences to see how many recovery codes can still be used
* The recovery codes are stored in a way that make impossible to retrieve them (see the mechanism used for the personal access keys)
* The user can ask to generate new recovery codes

Open question: what to do when a user uses the last valid recovery code?

AttachmentsEmpty

CC listEmpty

Status

CategoryEmpty

Status *Ready (stalled)

Development

Checklist

[ ] Does it involves User Interface?
[ ] Are there any mockups?
[ ] Are permissions checked?
[ ] Does it need Javascript development?
[ ] Does it need a forge upgrade bucket?
[ ] Does it need to execute things in system events?
[ ] Does it impact project creation (templates)?
[ ] Is it exploratory?

Technical informationsEmpty

Details

Artifact ID#14024

Submitted ByThomas Gerbet (tgerbet)

Last Modified On2019-10-18 17:54

Submitted On2019-10-15 11:52

Rank11991

Permissions

Restrict access to this artifact for the following user groups:

References

Is related to

Artifact links

Empty

Reverse artifact links

Epics

Parent

Artifact ID	Project	Tracker	Summary	Status	Last Update Date	Submitted By	Assigned to
epic #11648	Tuleap	Epics	Multi-Factor Authentication	Canceled	2023-13-06 14:56	Thomas Gerbet (tgerbet)

Cross References

Referencing story #14024

Artifact Tracker v5

epic #11648 Multi-Factor Authentication

Follow-ups

Thomas Gerbet (tgerbet)

2019-10-18 17:54

Category set to

Public