Seems like in the latest release of the app platform, the ability to restart environments without 2 factor authentication has been removed. I have a production app that is currently down, and would like to restart it, however, when I try to authenticate using sms, I get the following error: So now I am stuck? Its after working hours, I could file a ticket, but I really need to get the app restarted and a ticket won't be dealt with until tomorrow morning at the earliest......There must be a better way to ensure the security of Mendix apps.....
asked
Mike Kumpf
2 answers
2
Achiel,
Thanks for the response. I have a few thoughts:
Perhaps when a new release is made that has a change like this, there could be an important section or something in the release notes that highlights this type of change. Especially with changes like this where I don't have an ability to change this in any configuration settings, the change happens without me opting in to it and I am not likely to encounter the change until there is an issue (like needing to restart a production instance)
if the SMS authentication is problematic or doesn't work all the time, maybe it shouldn't be included at all?
it would be great if this was configurable by the technical contact for the app, i.e. I could turn off and on the ability to authenticate via Google Authenticator, SMS or perform restarts without authenticating in either way
Just my ideas,
Mike.
answered
Mike Kumpf
0
We advise our customers to switch to google authenticator (TOTP) if they're currently using text (SMS) based authentication. This doesn't rely on out-of-band communication so is guaranteed to work. You should get a popup after each time you've authenticated with text asking you to switch.