Admin users should be forced to use MFA
ErikDK
Posts: 2
There are probably still many admins who have not yet enabled MFA on their ZyXEL account. Anyone who knows such username+password can log in to Nebula and start managing the network.
We want better security in Nebula!
ZyXEL, please make MFA mandatory for any user who is a Nebula admin. This implies that admin permissions should be automatically revoked from any user who disables MFA.
Currently, we have to trust that new admin users enable MFA and keep it enabled, but we have no guarantee that they actually do so.
ZyXEL, if you cannot fulfill this requirement in the short term, at least consider creating a report/overview with admins who have/haven't enabled MFA.
Thanks!
1
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight