[Wishlist] 2FA for members Planned

Post author
Memberstack Team
[This post was migrated from our old community roadmap]
 
1) The problem → I'd like to enable 2-factor-authentication for my customers.
2) Why is this important → This is also a topic for me as I work with critical customer bank data. We are increasingly being asked to implement 2FA for member accounts on client projects as a core requirement due to the both perceived and actual step changes in account security. We are seeing awareness of 2FA/MFA amongst clients grow.
 
3) What's your plan B →
4) Possible solutions we could build for you → After a customer has signed up we'd like to force them to activate 2-factor authentication with their cell phone.
Integration with Twilio since they offer this solution too, which could be combined with memberstack to make the customer data more secure.

Comments

15 comments

  • Comment author
    Duncan Hamra
    • Official comment

    This is tentatively planned for the 2nd half of 2023. Please leave a comment if you'd like us to get to this sooner 🙏

  • Comment author
    Teresa K

    Customer requesting adding 2FA to embedded members login for additional security.

    https://app.intercom.com/a/apps/mhuvdpg8/inbox/inbox/conversation/129050300195863

    1
  • Comment author
    Stuart Bowler

    In my case we are inreasingly being asked to implement 2FA for member accounts on client projects as a core requirement due to the both perceived and actual step change in account security. We are seeing awareness of 2FA/MFA amongst clients grow.

    0
  • Comment author
    Permanently deleted user

    Thanks for sharing! Definitely noted as we're planning the future roadmap. 🙏

    0
  • Comment author
    Daniel Hwang

    > 4) Possible solutions we could build for you →

    For us, 2FA directly for embedded users isn't strictly needed. If we could enforce all members to authenticate through Google Authentication then we can enforce 2FA from Google Workspace (instead of Memberstack).

    1
  • Comment author
    Anil Araganji

    Client requesting to add 2FA(totp/pin) to his app. Need this feature asap.

    3
  • Comment author
    Chris Galang

    Would love to use 2FA for more security. Client has explained it is now a MUST to have. This could be any type of verification code sent through text, email, or an authentication app. It would be great to have multiple options for members to choose from.

    1
  • Comment author
    Tom Bateman

    Is this still planned for completion sometime soon?

    0
  • Comment author
    RJ Saavedra

    Hi I'm not sure if this is the correct thread for this. I have a memberstack account where I got locked out from. I don't understand why the 2FA google authenticator codes are not working as well as the backup codes. I can't submit a support ticket because it's asking me to signin which opens the 2FA and it's a very frustrating loop.

    Can anyone help me? Thanks!

    1
  • Comment author
    Duncan Hamra

    RJ Saavedra I am going to reach out to via email 👍

    0
  • Comment author
    Elgar Sirajov

    Hi Duncan,

    I'm experiencing the same issue as RJ Saavedra. The owner account is locked out of the Memberstack account due to problems with 2FA and backup codes. Unable to submit a support ticket due to the sign-in loop. Please advise on the next steps for further details.

    Thanks!

    0
  • Comment author
    Duncan Hamra

    Hey Elgar Sirajov 👋

    I've created a support ticket for you. We'll report back once we can tell what's gone wrong. 

    1
  • Comment author
    Josh Lopez

    Hey Elgar Sirajov

    I just removed 2fa from the owner. This should fix the issue. :) 

    1
  • Comment author
    Elgar Sirajov

    Hi Josh, Happy New Year!

    I have a favor to ask. Unfortunately, the issue with resetting the owner email wasn't resolved when we attempted it earlier. Few days later, the admin account they created to sign-in is inaccessible. Could I kindly request you to reset the owner email once again?
    Your assistance is highly appreciated.

    0
  • Comment author
    Josh Lopez

    Hey Elgar Sirajov

    I understand that is frustrating. What is the app id and owner email of the app you are having trouble with? You can DM me in our slack community if you cannot create a new ticket here. This way you dont share it publicly.

    0

Please sign in to leave a comment.