2-Factor Authentication (2FA - Done)

The following warnings occurred:

Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.1.2-1ubuntu2.14 (Linux)

File	Line	Function
/global.php(961) : eval()'d code	26	errorHandler->error
/global.php	961	eval
/showthread.php	28	require_once

× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!

0 Vote(s) - 0 Average
1
2
3
4
5

2-Factor Authentication (2FA - Done)

Brandin
Lead Developer

Joined: Oct 2016

Posts: 1,297

Reputation: 7

#35

11-21-2017, 12:57 AM

Hi Troixoin,

My thoughts are that something unexpected could occur, and users may be able to bypass the 2FA check since

Code:
twoPassed

is defaulted to true as you define it as true, and only change it to false if the check fails.

My recommendation is change this to false by default, and update to true only if the check passes.

That way you cover bases of something unexpected and users being able to gain access when they shouldn't.

This is all theoretical, but I think rejecting for all reasons and accepting for one versus the opposite is more secure and safer.

B.

Messages In This Thread

2-Factor Authentication (2FA - Done) - by Trioxin - 11-19-2017, 05:30 PM

2-Factor Authentication (2FA - Done) - by mudmin - 11-19-2017, 10:17 PM

2-Factor Authentication (2FA - Done) - by Brandin - 11-19-2017, 10:24 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 06:53 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 07:27 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 07:30 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 08:49 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 08:53 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 08:53 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 08:53 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 08:54 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 08:55 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 08:59 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 09:03 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:04 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 09:05 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:09 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:13 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 09:14 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:16 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:17 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 09:18 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:23 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:27 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:32 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 09:40 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 09:44 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 09:45 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 09:46 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-20-2017, 10:08 PM

2-Factor Authentication (2FA - Done) - by Jamie - 11-20-2017, 10:43 PM

2-Factor Authentication (2FA - Done) - by Brandin - 11-20-2017, 11:47 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-21-2017, 12:31 AM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-21-2017, 12:35 AM

2-Factor Authentication (2FA - Done) - by Brandin - 11-21-2017, 12:57 AM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-21-2017, 04:43 AM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-21-2017, 04:48 AM

2-Factor Authentication (2FA - Done) - by Brandin - 11-21-2017, 11:14 AM

2-Factor Authentication (2FA - Done) - by mudmin - 11-21-2017, 02:50 PM

2-Factor Authentication (2FA - Done) - by Trioxin - 11-24-2017, 06:48 PM

2-Factor Authentication (2FA - Done) - by shoropio - 11-25-2017, 02:28 PM

2-Factor Authentication (2FA - Done) - by mudmin - 11-26-2017, 12:34 PM

2-Factor Authentication (2FA - Done) - by mudmin - 11-27-2017, 03:54 PM

View a Printable Version

Users browsing this thread: 1 Guest(s)