Keep this place private, add https and 2FA


(Dr Brian Pierce) #1

The forum software your using seems nice but I was surprised that you don’t have set up to use encrypted connections by default.

Likewise, requiring 2FA might be a bit much initially for technophobes but please encourage a simple to use option. DPC docs should be requesting 2FA from online services that handle their data. If not, they should learn:

(Zak Holdsworth) #2

hey @brianpierce we will install security certs in one of our next releases.

I’m thinking that enforcing two factor is probably not on the near term roadmap… we might introduce it as an option, but the other option would be to just use your google account to login, and then make sure you have 2 factor configured for your gmail account. That way you will get the benefit of two factor without us needing to enforce it in the forum.