More 2FA/MFA security options for admin login
I believe we need more Two-Factor / Multi-factor authentication options - the ability to use:
- Google Authenticator
Paid version we might already be using
- ESET Secure Authentication
- Symantec VIP
- RSA SecureID
The ability to turn on 2FA for some admins and not others.
Lockdown of admin access by IP list would be awesome - for instance, we would 2FA all admins except the admin user issued to the whmcssupport team - my own admin would be locked down to the office IP as well - because I can and would enforce vpn into the office before admin access to WHMCS admin was granted - with my own 2FA on that user as well - ie, strong password, 2FA and IP login lockdown. As strong as we could make it I feel.