On Fri, Feb 19, 2021 at 01:06:21PM +0100, Daniel Suchy via members-discuss wrote:
as discussed previously, NCC Access here should implement not only (currently supported) TOPT method of 2FA, but also Webauthn should be supported. I think this should be implemented *before* we enforce 2FA on LIR portal.
And of course, (at least) login history should be integral part of portal. Optional (proactive) email notification about unsuccessfull logins will be also useful.
Strongly support the suggestion to for RIPE NCC to implement WebAuthn. A similar suggestion was made to North American RIR: https://www.arin.net/participate/community/acsp/suggestions/2021/2021-2/ The same motivations of course apply to RIPE NCC online accounts too. Kind regards, Job