Title basically says it all. Data security is very solid, but the satellite login still relies on only a username and password. Adding 2FA would help secure the login that also gives access to creating access grants. And while data is still secure if someone gets in there due to the encryption passphrase still providing protection, it would be possible to delete data/buckets from there.
Hi @BrightSilence, I’m glad you brought this up. And I’m happy to say that implementing 2FA is next up to bat. It’s been a high priority and it’s coming soon!
4 Likes
Please add 2FA to https://eu1.storj.io/ login. It can be an attack vector to login to the sattelite and create a acces grant and with this grant it is possible to delete buckets
That’s an awesome idea!
… that has been posted and voted on before.
Let’s not split the votes.
Upcoming features from our product roadmap:
- Finishing up adding multi-factor authentication on the Satellite for customers.
Will be implemented in v1.36.1. Thanks @Storjlings!
2 Likes