Hide the dialog box when 2-Factor authentication

Answered

2 Comments

  • Caroline Kello
    Zendesk Product Manager

    Hi! Thanks for this piece of feedback. We currently don't have any plans to remove this checkbox but it's an interesting idea for sure. I've added this feedback to our internal tool for tracking. 

    0
  • Troy Johnston

    Hi Caroline,

    It is interesting that Zendesk think of IT security as simply a 'feature' and not a mandatory component.  Users will never upvote IT security in comparison to bells n whistles features.... right now there is extreme risk.

    It is not a great answer though, Zendesk.  Sincerely the 2FA implementation is flawed.  2FA in a business context is meant to be implemented as a scheme that permits administrators to make the use of this mandatory.  

    The current implementation does leave Zendesk open to potential legal action I would believe should Personally Identifying (PI) or sensitive data be stolen via a breach.

    This would be straight-forward to remediate by implementing the common design that permits admin to enforce 2FA.

    Why will Zendesk not consider and take action on this yourselves?  

    It would be a relatively simple change to lock down the user screens to no longer permit the 30 day 'trust'.

    Please note that as a very small company we do not have intention or capability to implement SSO.  However we do have copies of PI and possibly sensitive information within our tickets and we do take information security seriously and would like to see Zendesk make an uplift here to properly secure your 2FA design - for everyone.

    I'd like to see Zendesk take the lead here.

    Regards,
    Troy

    0

Please sign in to leave a comment.

Powered by Zendesk