I've discovered one of my favorite new things...

It took a little while to grow on me, however, having to get a text code multiple times a day to be able to log into SOPHOS Central on my own computer is just delightful. I didn't think I'd like it at first, however, now I find myself wishing that I could be required to enter a text code every time I send an email, or do a Google search. I see no reason that other 2FA systems let you trust a device so you don't need to get a text so often. They are only causing their customers to miss out on the pure joy of waiting for that text to ding in on their phone...

Just bliss!

  • Hi Steve,

    Thanks for reaching out.

    If you don’t wish to wait for a 2FA code to be received each time, you can also use something like Google Authenticator or the Sophos Intercept X Mobile application so that a code is ready for you to use each time you need to log in.

    If you'd like to see a feature implemented that allows Sophos Central to remember your device, I suggest reaching out to your Account Manager so that your thoughts can be shared with our product teams for further consideration. 

  • Waiting for a text is not the issue. Google Authenticator is no quicker. Requiring a code at every login is far too cumbersome. 2FA is necessary, and a great thing, but this is a punitive implementation of it. Security is always a balance of usability versus protection. The only way to fully protect a system is to unplug its network connection and turn it off, however, then it serves no purpose. There should be a better balance, and trusting a device is a good way of doing it. Even just a temporary weekly, or monthly trust of a device.

  • Usually I'll be logged into Central all day. So I need 2FA ~1 time per day. It's OK for me. Central gives you so much power over all your machines with live response and so on, personally I would not like the idea that a hacked admin PC is trusted just by its browser cookies or UUID. But I can understand your concern and that it's kind of annoying to repeat this multiple times a day.