2FA + longer session time

rmeekers · December 12, 2022, 1:56pm

I have a feature request regarding the backend of Piwik Pro:

Can we have the possibility to protect our account with 2 factor authentication? A tag management system is quite sensitive when it comes to website code injection, so I want maximum security on this side
Can we stay logged in longer than currently is the case? After 10? 15? min of inactivity I have to login again; this is quite annoying

And to finish: when my session has expired, I often (most of the time) have to login twice. The first time I submit my credentials, I have to enter them again on the login screen and only thereafter I’m logged in. I think this is a bug.

TymekGF · December 12, 2022, 3:01pm

Hi @rmeekers
2 FA authentication for Core is being developed as we type. It’s a part of a bigger project, we expect to launch it in Q1 2023.
You are correct that the session expires in 30 minutes of inactivity, any activity in the Piwik PRO Analytics suite extends your session for another 30 minutes.

Regarding the session expiration - it should not require you to go through the log in twice, can you share with me your account and user details (in a personal message) so we can troubleshoot?
Tymek

rmeekers · December 12, 2022, 4:07pm

thanks, that’s great to hear! I will share my details in a pm.

chikashi · December 23, 2022, 11:13am

I am also having to log in twice each time a session had expired. A bit annoying…

TymekGF · December 29, 2022, 7:08am

Hi @chikashi welcome to our Community!
Can you confirm you are still asked to log in twice? If so - would you share with me (in a personal message) the HAR file from your browser?
Tymek

chikashi · December 31, 2022, 12:03pm

Hi Tymek,

Thanks for your message.

Clearing the browser history seems to have resolved the issue. FYI, I am using the latest version of Brave on macOS 10.13.6.

If it happens again, I will send you the HAR file for you to examine.

Wishing you a happy and healthy 2023.

Kind regards,
Chikashi

TymekGF · January 2, 2023, 7:36am

thanks @chikashi for sharing an update!
All the best in 2023!

TymekGF · April 18, 2023, 5:15pm

Hi @chikashi @rmeekers ,

Today it was brought to my attention that I missed updating you about the status.
The solution is not yet ready, we’re getting to the final stage of development and heavy testing. As the new solution is going to bring a few other features along we need to test it properly.
The plan for delivery is mid-summer.
Apologies for missing the communication! In case of your questions - don’t hesitate to inquiry here or in a private message.
Tymek

TymekGF · December 4, 2023, 12:49pm

@rmeekers @chikashi
I got a news for you, now you can extend the session inactivity time for your Piwik PRO Core account.
You need to go to Administration - Account - Account settings and change the value for Session inactivity timeout. The default value is set to 30 minutes, you can extend it up to 8 hours.
Tymek

Topic		Replies	Views
Authentication Factor - inability to access after reset Account	2	70	January 10, 2024
"Your subscription has expired!" message Account	2	151	July 6, 2023
Big security updates coming up! Community lobby	2	153	August 28, 2023
Internal server error - July 23 Account	8	174	July 5, 2023
Account Login Error Reports and working with data	2	139	November 3, 2023

2FA + longer session time

Related Topics