|
|
|
|
|
|
by ehsankia
2382 days ago
|
|
|
Have forced 2fa through e-mail for new device/ip location more than X miles away. Users rarely login from a new device, or randomly login from a different country. Tagging those as suspicious and making the user get a code from their email is simple and goes a long way in increasing security with minimal annoyance. |
|
|