Multi-factor Auth + RLS in PostgreSQL

Multi-factor authentication (MFA), sometimes called two-factor authentication (2FA), adds a layer of security to your application by requiring users to prove their identity with an additional step. The factors are typically something you know, like a password, and something you have, like an authenticator application. We built MFA in response to customer requests: developers wanted stronger security, whether for compliance, client requirements, or simply peace of mind. We started by building MFA support for Time-based One-Time Passwords (TOTP).

Comments
Author

So in (pretty) short: why does one need Multi-Factor Auth (MFA)? If you have an account with only your email and password (something you know/remember, one factor) and somehow someone is able to get your credentials, then the attacker will probably be able to log in without any issues. If your account has MFA set up, the attacker now also has to have access to an extra factor, for example your phone number (when using SMS) or a one-time password (an app), etc. Email/password combinations are floating around the internet because of hacked services/databases, and who knows what happens in the future, so it's not that uncommon. So even if an attacker has your credentials, he/she will still be stopped, because the attacker also needs access to that extra factor, e.g. either physical access (to your phone AND the ability to log in to that phone) or a compromised MFA setup; both are so much harder to do that unless you're the president of a country or something, no one will bother. That extra layer of protection is so hard to beat that every self-respecting service should implement this (unless the impact is really low). But I guess it's always a battle between convenience and security.

strmchsr
Author

Let's get local realtime working, guys, shall we! It's been broken for a while now...

jonathangamble