GitLab Support is no longer processing MFA resets for free users

Thread starter Ink
Start date Aug 11, 2020

Ink

Administrator

Thread author

Verified

Staff Member

Well-known

Aug 11, 2020

Content source: https://about.gitlab.com/blog/2020/08/04/gitlab-support-no-longer-processing-mfa-resets-for-free-users/

Today our users are starting to face attack-vectors that were previously unheard of on GitLab.com. As a result, we don’t want our security practices to be only going through the motions of security. We’ve all seen examples of companies whose Multi-Factor Authentication (MFA) reset policies negate the security benefits of MFA on accounts.

Today we’re announcing a change that will put account security wholly in the hands of our users.

If you are caught where you are not able to provide your MFA token and without these backup methods, your account will be irrecoverable.

Reactions: Gandalf_The_Grey, Protomartyr and TairikuOkami

TairikuOkami

Level 35

Verified

Top Poster

Content Creator

Well-known

Aug 11, 2020

One of the reasons, I enable 2FA, only when I have to. I have seen way too many people to complain, that they can not regain access their accounts with 2FA enabled, sometimes the service is at fault. Well they can not, if there is a good 2FA in place. I like 2FA with multiple options, like SMS or email.

Reactions: Gandalf_The_Grey, Vitali Ortzi, Protomartyr and 1 other person

You must log in or register to reply here.