1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

2FA: Remember device indefinitely

Discussion in 'XenForo Suggestions' started by Formina Sage, Oct 30, 2015.

  1. Formina Sage

    Formina Sage Member

    I think having to re-authenticate every 30 days is a bit of a hassle, personally. Large services like Google and Facebook don't make me re-authenticate every 30 days, they permanently remember the browser unless cookies are cleared.

    Having the option to adjust the 30 day period to be longer -or indefinite- would cut down on needless overhead when logging into my forum from my laptop or phone (which is still the same trusted device that it was 30 days ago).
     
    Matthew S, ItsHarry, thedude and 7 others like this.
  2. Mike

    Mike XenForo Developer Staff Member

    FWIW, Facebook doesn't but Google most definitely does (at least on the desktop).
     
  3. wcbryant

    wcbryant Active Member

    Going to second this suggestion. Was a huge cheerleader for 2FA (still am), but what I'm finding is my admins are rejecting it because the 30-day cycle is a headache for them. One checks in on his phone, tablet, work desktop, laptop, and home pc. 5 refreshes every 30 days can be a hassle, particularly if they're not savvy enough to have something like Authy so they have code access anywhere.

    I'd rather trust longer than have them not use it at all. If this is something we could configure (perhaps even have different settings for adminCP and the fora) that would be super.

    Hope others will see and like the OP's suggestion. Likes matter.
     
    thedude likes this.
  4. Lisa

    Lisa Well-Known Member

    Or have the authentication time admin-settable (with an indefinite option). I like the idea of having to re-authenticate, just maybe every 3 months instead of every 30 days.
     
    wcbryant, Gossipy, mjda and 1 other person like this.

Share This Page