I propose adding two-factor authentication (2FA) as a feature for the GOb2b platform. This will enhance security by providing an extra layer of protection against common attacks like phishing and password breaches.
Benefits include:
Improved customer trust and brand reputation.
Compliance with security regulations (e.g., GDPR).
Competitive advantage by offering a more secure platform.
Prevents account takeovers even if passwords are compromised.
Various methods (SMS, email, authenticator apps) can be offered for flexibility, giving users more control over their security.
I would like it on the CMS by default as someone could do a lot of damage if they got access. I take on board however that not all users of the website may want it.
We have considered extending this to Trade Purchasers and Retail Customers but have decided not to for the following reasons:
We are not convinced that 'trading' accounts for ecommerce websites need to be protected to such a high degree compared to the administration accounts.
Extra security is another barrier to purchasing.
2 Factor resetting for changed phones, email addresses, etc. is a support burden on our customers.
Complications around resetting 2FA could lead to an increased support burden on GOb2b.
We are prepared to keep an open mind on this if presented with Use Cases or examples of external demand from end customer organisations.
I have since had this added to the admin; I did mean for the end user too. Is this in the roadmap?
2FA is available in GOb2b providing you have had the jQuery V3 update rolled out (this has been done for all themed customers and 80% of bespoke template customers so far). Please contact support to have it turned on.