Making 2FA a little easier

Transparent will remember this

If you are reading this, and you enjoy the products offered by Transparent Edge, you probably have 2FA enabled in your account to have that much needed extra security these days.

Like any new implementation, as it is used, we are receiving feedback from users and sometimes they have raised a suggestion for improvement, not of security, but of “tiredness”. And is that, every time you want to log in, you have to go to your trusted code generation application, in order to enter that code, ensuring that you and only you, are the one accessing your account; and this can be somewhat tedious if you have to access the panel several times a day. So for these cases, we have implemented the well known: “remember this device”.

When designing this new functionality, the most important premise that we always keep in mind is that the level of security should remain as high as possible. With this premise in mind, we started to think about how to identify the user unequivocally, and we decided to rely on a feature provided by almost all current web browsers.

These are able to record user data such as: the type of browser, the operating system it runs on, the IP, etc. All this data changes if the user tries to access from a different device or location, so we can identify the device from which the registration is made.

But even with these, the bad guys on the Internet could spoof your data to try to impersonate us. So we opted to save one more parameter that identifies the device, and I’m not going to give more details about that one because a magician never reveals his tricks.

With all this, by entering your username and password, selecting the “remember this device” checkbox, and entering the auto-generated code to ensure authentication, we save this data to identify you the next time you want to enter the panel, without having to take out your phone to do so.

A little more security, just in case

If you’ve made it this far, there are only two more details to let you know about this new feature before you rush off to remember your device: the first is how long the system will remember it. It would be a security oversight to have the device stored at infinitum, since it can pass to other hands in more or less desired ways. Therefore, when you want to remember a device, we offer you a list of time periods during which your device will be stored. Once it expires, it will be deleted and you will have to use the auto-generated code again, renewing the “remember device” for a new period of time.

And the second, finally: if, unfortunately, there is an unexpected change of ownership of the device, we’ve got your back. You just need to access your profile settings in the control panel, and there you will find a small section called “Remembered devices”, where we will show you all the devices you have decided to remember, and some information about them so that you can identify them. And of course, the possibility to forget one or more of them.

With this, we hope to encourage the use of two-step authentication, increasing the security of your accounts, and making your day-to-day life in the Transparent Edge control panel a little easier.

Ricardo Amador is Head of Development at Transparent Edge.

If Richi had not been a telecommunications engineer, he would have been a voice actor. The question is whether he would have been as good at it as he is with Python and Django. Graduated from the Polytechnic University of Madrid, he went before that to Sweden to specialize in intelligent embedded systems. Nowadays, there’s no one who can beat him programming APIs and designing software for the only Spanish CDN. An excellent handball player dogged by injuries, he is also one of those bikers who feels the road without bragging about it.