Mitch Posted November 12, 2019 Share Posted November 12, 2019 While 2FA is a great option for security, I feel like there should be additional security measures in place for the UCP My proposals are as follows - If a unknown / suspicious IP login to the account successfully, it flags the account and ask the owner via email to verify that the login is legitimate. So if I connect on a unknown IP that I've never used before, it'll lock me out my account until I verify it through my emails. - Give a list of IPs that's connected / disconnected on the UCP, at the moment, it doesn't show it. - If someone attempts to change the password with a suspicious IP, flag it for admin review and or make the registered email address aware of the change. Link to comment
dionkoffie Posted November 12, 2019 Share Posted November 12, 2019 Or just allow people to enable whitelisted IPs Link to comment
Senior Management Everett Posted February 20, 2020 Senior Management Share Posted February 20, 2020 Hi, Thanks for the suggestion. If the UCP detects a login from a different IP, it will send an OTP (One-time password) to your email which you will need to confirm when logging in now. Link to comment
Recommended Posts