[ARIN-Suggestions] New Response from ARIN for Suggestion 2024.1

[ARIN]

A new response from ARIN has been posted for Suggestion 2024.1. Find the original suggestion and latest response from ARIN below. 


Regards, 

American Registry for Internet Numbers (ARIN)

--------
ACSP Suggestion 2024.1: Multi-factor authentication option for API keys
https://www.arin.net/participate/community/acsp/suggestions/2024/2024-01/

Author: Rich Compton   

Description: Create some sort of MFA for API keys. Perhaps an option to only allow an API key to connect from a particular IP address or subnet. Or perhaps the API key is only valid for a certain period of time before it expires.

Value to Community: If an API key is accidentally divulged in a breach the key cannot be used by attackers.

Status: Open

Response from ARIN: Thank you for your suggestion, numbered 2024.1 upon confirmed receipt, asking that ARIN implement some form of multi-factor authentication (MFA) for API keys. ARIN agrees that this would be a good improvement to the security of ARIN systems.

We will investigate the requirements to build this new feature and schedule it for future development. Your suggestion will remain open until implemented.

Thank you for participating in the ARIN Consultation and Suggestion Process.