Add the ability to require 2FA for accounts.
Many sites and online providers today require the use of 2FA to secure accounts. It would be great if Plesk could require the same thing (at least for administrative accounts). I think this could really help increase the security posture of the software.
As it stands now, Google Auth is optional, and a user has the ability to enable/disable it at will, which isn't ideal.
According to this thread, there are currently areas where 2FA wouldn't currently be possible, but all of these issues have already been solved by other companies. I have no doubt that Plesk could do it as well.
https://talk.plesk.com/threads/is-it-possible-to-force-2fa.369633/
We are glad to announce the new Multi-Factor Authentication (MFA) extension (https://www.plesk.com/extensions/mfa/), coming to Plesk Obsidian 18.0.61 and later. The new extension is meant to offer seamless 2FA authentication to all Plesk users, and comes with one of the following benefits:
- Plesk administrators can now make multi-factor authentication mandatory for all Plesk users on a server. Learn more about making multi-factor authentication mandatory.
If you have any feedback on the implementation of this feature, please let us know on the forum: https://talk.plesk.com/.
— AY
-
joseinfografo commented
¿But is MFA functional for webmail? I went in and didn't see it. Best regards.Pero la MFA esta funcional para el correo de webmail? He entrado y no lo he visto.
Un saludo. -
Zac commented
That's fantastic news. Thank you!
-
Leon Blokland commented
Absolutely a must for accounts with high impact access!!