15
2FA for Website Admins
under review
Tyler Bell
1) The problem → The only way to authenticate in Memberstack is with a password or with Google auth. If a person guesses my password or gets access to my device they might be able to get into my Memberstack account.
2) Why is this important → I'm liable for security breaches, and my members' lives could be negatively affected if their information is stolen.
3) What's your plan B → Create a completely crazy password & hope a hacker doesn't get access to my inbox.
4) Possible solutions →
- Authenticator apps (Segment does this)
- Send a 6 digit code by text message to verify its me. (Stripe does this)
Activity
Newest
Oldest
Amure Pinho
This is so important. A lot of sensitive users data rely on our login security.
A
Andrew Dillon
Agreed, as a company taking payments this is a crucial PCI compliance need.
Naitik Mehta
under review
P
Paul Heywood
Upvote from me - we don't use Google in our business, and would prefer authenticator apps. Seems like a minimum standard for authentication these days.