/
Account Server 3.44 Release notes

Account Server 3.44 Release notes

Owned by Avishek Chatterjee
Last updated: Mar 26, 2024
2 min read

MFA (Multi-Factor Authentication)

  1. Organisation users having app.settings.admin can enable MFA for all username/email and password users of the org from the domain settings section.

    image-20240325-115206.png
    Domain settings section

MFA can only be enabled when email verification is enabled.

Users using 'Login with Google' can turn on 2FA on their google account settings.

If app.settings.admin role is not assigned to any of your organisation’s user please contact Increff support team.

  1. User level MFA can also be turned on only for username/email and password users who are already verified or pending for verification.

    image-20240325-120810.png
    User MFA toggle

     

  2. After logging in user will be redirected to MFA screen where he needs to enter the OTP received on registered email.

Security enhancements

  1. Account server now stores password history of last 5 passwords which was previously 3, i.e. users can’t use their last 5 passwords while changing password.

Minor bug fixes

  1. While signing up for new organisation user will be assigned app.admin as well as app.settings.admin.

  2. While signing up for new organisation email verification will not be needed.