Implement option trust this browser/device with 2 factor authentication (2FA)

0
Hi, With 2FA it is pretty common to be able trust a browser/device so you don't have use 2FA every time you login. I would like to build this in Mendix. This would be the use case: User logs in for first time in Mendix App User is required to set up 2FA User now logs in with 2FA for the first time on his computer and checks box trust this browser/device User logs out of the Mendix Application User returns in same browser on same device and logs in Now, 2FA is not needed because it is already trusted   Please note that I don't want to use any external authentication/access service like Azure AD or Auth0. I want to stick with Mendix login and build the 2FA logic myself. Any ideas on how to accomplish this? Thanks!
asked
1 answers
1

The easiest way to achieve this is to set a cookie for that user after he ticks the box. The cookie should store a UUID that you also have in DB and is specific to this user and device. After the user logs in and before prompting for 2FA you can check for the presence of this cookie and query the DB to make sure it is valid.

For more advanced options check this post: https://medium.com/@guillaume.viguierjust/making-two-factor-authentication-more-user-friendly-through-trusted-devices-257acc27b24b

To manipulate the request and response you will need some java see https://forum.mendix.com/link/questions/104358

-Andrej Gajduk

answered