2FA / MFA / 2 Factor Auth expiration
planned
S
Steven Sproat
(This applies to several area of the system, and wasn't sure where to best post it in canny.)
We have recently switched on 2FA and have instantly had a lot of grumbles from our staff regarding the need to 2FA often. Going into backoffice, POS, CloudMT all require a 2FA prompt, and it seems this has a short expiration - if the login session expires, then the next login requires 2FA.
Can the 2FA expiration be increased independently of the login expiration?
Also can a small and easy UI improvement be made - to auto-focus the 'enter the code' input textbox after sending the 2FA code.
Suzy Weightman
Hi everyone,
Just another quick update for you.
Cloud Reports & Cloud MT have now been updated to introduce the expiration functionality. The changes to the Courier Module & Customer Rewards will be deployed in the next couple of weeks.
Thanks,
Suzy
Suzy Weightman
Merged in a post:
2FA inconsistencies
R
Richard T
Currently Backoffice and POS has a session timeout of 7 days, which is great. but other areas seem quite random. e.g. Reports, you have to use 2FA everytime you log in. Please can you change it so all areas of CitrusLime have 7 day sessions.
we have had to turn 2FA off due to a lot of people having to sign in 5-10 times a day in reports/MT/Shipping etc. etc.
this is costing us time, money and also costing CitrusLime Money too as it's sending out 100s of extra text messages per day that are not needed
L
Laura Foster
Hello all,
The work to introduce expiration functionality into Cloud Reports and Cloud MT is ready.
Both of these changes will be rolled out to the platform this week - please keep an eye on our Status Page (https://status.citruslime.com/) for timings of the updates.
Thanks!
P
Peter Carol
Ditto, also turned off as it is unusable. A local token in the browser like a cookie perhaps. I just want to restrict usage to the machines on site.
S
Steven S
This is a massive waste of time in the department having to login to Cloud Reports, Consignment Tracking and MT all the time.
Suzy Weightman
Hi all,
This will be changed in the hotpatch of Cloud POS which is being rolled out on Monday - this will be set to 7 days.
Thanks,
Suzy
B
Ben
Suzy Weightman Will this be the same for Cloud Reports and Cloud MT? Our team find the Cloud Reports one quite difficult as it logs you out quite regularly and 2FA is required for every login in Cloud Reports.
Suzy Weightman
Ben: Hi Ben,
This will just impact Cloud POS in the change being rolled out on Monday.
More work will be required to add expiration functionality into Cloud Reports and Cloud MT but it is something we're looking to add here too.
B
Ben
Suzy Weightman Great. Thank you. Good to hear about Cloud POS and will look out for the others. I can feel the glares from our team each time they have to reach for their phone :)
R
Richard T
Steven Sproat have you heard any more about this expiration being extended?
S
Steven Sproat
Richard T I haven't, no
R
Richard T
Suzy Weightman Cate Barnes do you have an eta for when the 7 day session is being implemented for this? Thank you
P
Phil Topliss
What happens if a staff member doesn't have a mobile or doesn't bring it into work, is there a backup method
Neil McQuillan - CEO Citrus-Lime
marked this post as
planned
Load More
→