Self-Remediation via Okta
Engage end-users during auth to self-remediate issues
Security & Compliance Checks
Monitor your entire Linux, Mac, and Windows fleet
Device Inventory
Your fleet represented in thousands of data points
Implement Zero Trust Access
Prevent unsecure devices from accessing your apps
Achieve 100% Device Compliance
Measure, achieve, and maintain your compliance goals
Gain Fleet Visibility
Become "all knowing" across Linux, Mac, and Windows
Help / Docs Product Changelog App Security Company
From the blog

Blog

Contents

Changelog

New Checks: Plain-Text MFA Codes Now Available on Windows and Linux

June 2nd, 2020

We are excited to announce the immediate availability of six new checks that complete our check coverage of looking for plain-text multi-factor codes and recovery documents for GSuite, Github, and 1Password.

These recovery documents are essentially plain-text passwords that allow anyone who has them to bypass the multi-factor prompt on their respective services.*

Like all new checks we ship, they are enabled by default, but will not produce any notifications for you or your users until a team-member configures them to do so. You can review these new checks by clicking on the “multi-step-backup-codes” topic on the Checks page.

If you have any questions or feedback on these checks, or would like to see similar checks for additional services, please let us know.

* An exception to this statement should be noted for 1Password’s Emergency Kits. While these kits do contain sensitive data like the vault’s secret key and sign-in address, it requires the user to explicitly write down their master password for it to grant a bad actor full access to their vault.

Share this story:

More articles you
might enjoy:

Changelog
Introducing Mobile Checks
Jason Meller
Changelog
Better Together: New 1Password Checks
Jason Meller
Changelog
Our New CrowdStrike Falcon Check
Jason Meller
Watch a Demo
Zero Trust Access
Designed for Okta
Watch a Demo