Make the mobile app a factor in MFA via notification like "Are you trying to log in...?"
tracked
Nyx Onyx
As an alternative to TOTP for MFA, make the Second Life app on Android and Apple devices act as a MFA factor for logging in:
- Log in on Second Life app, in settings add the current device as a trusted factor for MFA
- When logging in on a new (different) device, and periodically, if enabled like stated above, send a notification to the trusted device asking if the user is trying to log in on another device, and have the user pick a number that corresponds to one showing on the other device's screen.
Adobe, Microsoft and Google all three uses this for securing logins while making it easier to use than reading and typing a code in time before it changes.
Log In
Bridie Linden
marked this post as
tracked
fyreflower Resident
I wanted to second this Nyx suggestion. I trust a Linden Labs authenticator more than a Master G one.
Toothless Draegonne
I'll also suggest perhaps adding Yubikey and similar support. MFA is good. MFA that locks your account out if you lose your phone, not so much. Being able to set up and just tap a Yubikey at the SL login would be a great way of making MFA easy, and in fact easier than a normal login.
Nyx Onyx
Toothless Draegonne It would be great if we could add more than one extra factor, and more than one of the same type as well, and let you choose at time of login / re-authing.