Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v16] Add mfa_weakest_device to UserStatusV2 #47092

Merged
merged 1 commit into from
Oct 2, 2024
Merged

[v16] Add mfa_weakest_device to UserStatusV2 #47092

merged 1 commit into from
Oct 2, 2024

Conversation

tigrato
Copy link
Contributor

@tigrato tigrato commented Oct 2, 2024

Backport of #46957 to branch/v16

@tigrato
Add mfa_weakest_device to UserStatusV2 (#46957)
c6695cf 
This PR introduces the `mfa_weakest_device` value which is used to specify the weakest MFA device for the account.

When a user has no MFA device, it's set to `MFA_DEVICE_KIND_UNSET`.

When a user has at least one TOTP device, it's set to `MFA_DEVICE_KIND_TOTP`.

When a user ONLY has webauthn or U2F devices, it's set to `MFA_DEVICE_KIND_WEBAUTHN`.

This newly introduced field will be utilized by Access Graph to identify insecure patterns that could be potential phishing attack targets, particularly for users without MFA devices or those using TOTP devices.
@tigrato tigrato added the no-changelog Indicates that a PR does not require a changelog entry label Oct 2, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 2, 2024

🤖 Vercel preview here: https://docs-m0xsd2ivk-goteleport.vercel.app/docs/ver/preview

@public-teleport-github-review-bot public-teleport-github-review-bot bot removed the request for review from codingllama October 2, 2024 16:47
@tigrato tigrato added this pull request to the merge queue Oct 2, 2024
Merged via the queue into branch/v16 with commit eab917a Oct 2, 2024
45 checks passed
@tigrato tigrato deleted the tigrato/add-status-mfa-device-v16 branch October 2, 2024 17:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rosstimothy rosstimothy rosstimothy approved these changes

@marcoandredinis marcoandredinis marcoandredinis approved these changes

Assignees
No one assigned
Labels
backport documentation no-changelog Indicates that a PR does not require a changelog entry size/md tctl tctl - Teleport admin tool
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tigrato @marcoandredinis @rosstimothy