You are viewing a plain text version of this content. The canonical link for it is here.

Posted to security-discuss@community.apache.org by Craig Russell <pa...@gmail.com> on 2022/08/30 15:17:55 UTC

2FA recovery protocols for OAuth

I looked for a discussion of the Apache OAuth implementation of 2FA recovery and did not find anything.

https://infra.apache.org/2fa-policy.html
https://oauth.apache.org/api.html

There are many details on how it works and how to set it up.

But nothing about what to do if you lose your 2FA token. 

Other online services publish their recovery protocols. I think we should also.

Craig

Craig L Russell
papajdo@gmail.com
1220 University Ave
San Jose, CA 95126






---------------------------------------------------------------------
To unsubscribe, e-mail: security-discuss-unsubscribe@community.apache.org
For additional commands, e-mail: security-discuss-help@community.apache.org