Hello,
How to correctly set up the 2FA code lifetime?
In Studio > Settings > Account > Enable 2 Factor Authentication, there is this option: '2FA code lifetime, in seconds (0 - send code upon each login)'
What should I enter in there if I would like the 2FA to be requested only once (not upon each login)?
Also, what is the best practice for the two-factor authentication code lifetime: 3 days, 7 days, 14 days, 30 days, 90 days or more?
BTW, is this code lifetime stored in a cookie file or database? How is it handled when, let's say, after the first login someone logs in back from another device (Computer, mobile)? Does the same code lifetime from the previous login still apply?
Thanks
Comments
hello @OneEagle !
no such ability in UNA, SMS will send each login anyway, lifetime - timeframe in seconds until current code is valid, after it need to request it again
Hi @Roman L
Thanks a lot for your reply. Ok I understand. So what reasonable (recommended) amount of seconds should I enter taking into consideration the cost of sending SMS? Twilio is expensive.
What is the best practice for the two-factor authentication code lifetime: 1 days, 3 days, 7 days, 14 days, 30 days, 90 days or more?
Also as asked in my post above, How is the code lifetime stored? in a cookie file or database? How does the system handle it when someone change the device for login?
Thanks
Hello,
Any help?
hello @OneEagle !
Sorry for delay.
Hi @Roman L
Thank you for the clarification. You have helped me a lot.