[ARIN-consult] [ARIN-Consult] Consultation on Expanding 2FA Options for ARIN Online

Richard Laager rlaager at wiktel.com
Tue Jan 24 15:22:43 EST 2023


On 1/24/23 12:56, Adam Thompson wrote:
> Why on earth would you set a hard-coded limit?  It's not like an additional database table is expensive.
While, in general, I understand this sentiment (real world cardinality 
is usually: 1, 2, or many), I do see two counterpoints. Even speaking in 
general, it is sometimes useful to define a limit for testing purposes. 
If you say, "We support 5", then you are hopefully actually testing 5.

In this particular situation, I think the following argument is even 
more relevant:

On 1/24/23 14:02, Tim Lyons via ARIN-consult wrote:
> In terms of allowing the registration of multiple hardware security 
> keys, I suggest allowing a maximum of 3 keys to be registered. This 
> provides backup options in case a user loses or misplaces their 
> primary key but encourages users to be cognizant of deleting old keys 
> that have been lots or become non-functional.

-- 
Richard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-consult/attachments/20230124/7da3209d/attachment.htm>


More information about the ARIN-consult mailing list