Enable 2FA


#1

We really need some level of secondary authentication support. 2FA through Yubikeys or similar would be ideal. Hell, even Authy would suffice.

Any plans or thoughts on implementing this, as an extra-extra layer on top of Github’s 2FA?


#2

Could you please elaborate on why GitHub’s two-factor authentication is not sufficient for you?


#3

We’re a careful bunch due to compliance reasons. Considering just how well your authentication integration works with Github, it would be nice to have an option in CircleCI to enable 2FA for sessions older than N minutes.

So, even though I am signed in on Github’s side of thing and all is well, I still have to authenticate/2FA with CircleCI now and then.

Call me paranoid but that would offer a strong second-layer of security on top of what you offer today. All without introducing a “user concept” with passwords and such.

Just a thought. It would be nice with something rich like this for added security for us with tinfoil hats on.


#4

Got it, thanks for the context. We’ll see what we can do about this.


#5

Thanks. Looking forward to something :slightly_smiling:


#6